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ABSTRACT 


The  increasing  number  of  computer  failures  and  crimes 
has  forced  managers  to  tighten  the  control  procedures  of 
their  EDP  systems.  However  the  cost  of  an  exhaustive  control 
strategy  is  often  very  expensive,  and  its  effectiveness  is 
not  guaranteed.  This  study  designs  and  implements  a  Decision 
Support  System  that  helps  determine  optimal  control 
procedures  for  EDP  systems  (CEA-DSS) . 

The  model  base  of  the  proposed  DSS  consists  of  various 
techniques  for  estimating  computer  exposures.  The  latter 
can  be  interactively  analyzed  via  a  Dialogue  interface  that 
supports  tabular  and  graphic  outputs.  CEA-DSS  also  provides 
extensive  database  management  capabilities  to  keep  track  of 
the  diverse  control  problems.  It  is  implemented  in  Pascal 
for  the  IBM-PC. 


TABLE  OF  CONTENTS 


I.  INTRODUCTION . 12 

A.  DEFINITION  OF  THE  PROBLEM . 12 

B.  THE  NEED  FOR  CONTROL  AND  SECURITY  OF 

COMPUTER  SYSTEMS  .  13 

C.  SCOPE  OF  THE  THESIS . 14 

D.  OBJECTIVE . 14 

E.  CHAPTER  OUTLINE . 15 

II.  THE  CEA  MODEL . 16 

A.  DEFINITIONS  OF  BASIC  CONCEPTS  .  16 

1.  The  Concept  of  Exposures . 16 

2.  Costs  of  Controls . 16 

3.  Benefits  of  Controls . 16 

4.  Effectiveness  of  Controls  .  17 

5.  Interdependencies  between  Controls  ....  17 

B.  ASSUMPTIONS  .....  17 

C.  SUMMARY  DESCRIPTION  OF  THE  MODEL . 17 

1.  Define  all  Possible  Control  Sets . 17 

2.  Compute  Expected  Cost  due  to  EDP 

Exposures  . . 19 

3.  Compute  the  Value  of  each  Control 

Activity . 20 

4.  Compute  the  Total  Value  of  each  Control 

Set . 20 

5.  Compute  the  Total  Expected  Loss  for  each 

Control  Set . 20 

6.  Compute  the  Cost  for  each  Control  Set  ...  21 

7.  Compute  the  Benefit  Cost  Ratio  for  each 

Control  Set . 21 


5 


8.  Compute  Total  Expected  Cost  for  each 

Control  Set . 21 

9.  Select  the  Optimal  Control  Set . 21 

III.  THE  DSS  FRAMEWORK . 23 

A.  THE  ROLES  AND  FUNCTIONS  OF  THE  CEA-DSS  ....  23 

B.  THE  SYSTEM  RESOURCES . 24 

IV.  THE  DIALOG  COMPONENT . 25 

A.  THE  USER  INTERFACE . 25 

1.  The  Frame . 25 

2.  The  Menus  .........  26 

3.  Questions/Answers  . . 27 

4.  Messages . 27 

5.  Input/output  Forms  . . 29 

6.  Graphics  . . 29 

7.  Printed  Reports . 29 

8.  Help . 31 

B.  THE  INTERMODULE  LINKAGE . 31 

C.  THE  CONTROL . 31 

V.  THE  MODEL  COMPONENT . 32 

A.  THE  MODEL  BASE . 32 

1.  The  Weighted  Method . 32 

2.  The  P.E.R.T.  Method . 32 

3.  The  Ranking  Method . 32 

4.  The  Effective  Control . 32 

5.  The  Control  Set3  . . 33 

B.  THE  MODEL  BASE  MANAGEMENT . 33 

C.  MODEL  EXECUTION . 34 

D.  SENSITIVITY  ANALYSIS  .  34 

E.  DIALOG  INTERFACE  .  34 

F.  DATABASE  INTERFACE  .  34 


6 


VI.  THE  DATA  COMPONENT . 35 

A.  THE  DATABASE  MANAGEMENT  SYSTEM  (DBMS)  ....  35 

B.  FILES  USED  BY  THE  SYSTEM . 35 

C.  FILE  CREATION/RETRIEVAL . 36 

VII.  DATABASE  DESIGN . 37 

A.  LOGICAL  DATABASE  DESIGN  .  37 

1.  Logical  database  records . 37 

2.  Logical  Database  Record  Relationship  .  .  .  40 

3.  Data  Manipulation  in  the  CEA-DSS 

Database . 41 

B.  PHYSICAL  DATABASE  DESIGN  .  43 

1 .  Design  Constraints  . . 43 

2.  The  Physical  Schema . 43 

VIII.  IMPLEMENTATION  OF  THE  CEA-DSS . 46 

A.  THE  PROGRAMMING  LANGUAGE . 46 

B.  SUPPORTING  PACKAGES  .  46 

C.  THE  DATA  FLOW  IN  THE  CEA-DSS . 46 

1.  The  Main  Area . * . 46 

2.  The  Database . 47 

3.  The  Model . 47 

4.  The  Sensitivity  Analysis  Area . 47 

D.  SOFTWARE  STRUCTURE  .  47 

E.  IMPLEMENTATION  PROBLEMS  .  58 

F.  EFFORT  DISTRIBUTION  FOR  THE  CEA-DSS 

DEVELOPMENT . 59 

IX.  A  SESSION  WITH  THE  CEA-DSS . 60 

X.  CONCLUSION . 75 

APPENDIX  A:  MESSAGES  .  77 


7 


APPENDIX  B:  THE  HELP  FACILITY . 80 

APPENDIX  C:  THE  PROGRAM  LISTING  .  84 

LIST  OF  REFERENCES . 150 


INITIAL  DISTRIBUTION  LIST 


151 


LIST  OF  TABLES 


DEFINITION  OF  VARIABLES  USED  BY  THE  MODEL 

LOGICAL  DATABASE  RECORDS  . 

CONSTRAINTS  FOR  LOGICAL  DATABASE  RECORDS 
POSSIBLE  TRANSACTIONS  FOR  THE  CEA-DSS 

PHYSICAL  DATABASE  RECORDS  . 

EFFORT  DISTRIBUTION  . 


LIST  OF  FIGURES 


2.1  The  Process  of  the  CEA  Model . 22 

4.1  The  Frame  of  the  CEA-DSS . 26 

4.2  Menus''  Tree  Hierarchy . 28 

4.3  Input/output  Forms  . . 30 

7.1  Data  Structure  Logical  Diagram  .  40 

7.2  Decomposition  of  the  Data  Structure . 41 

8.1  Main  Area  Flow  Diagram . 48 

8.2  Database  Flow  Diagram . 49 

8.3  Delete  Problem  Flow  Diagram  (Database)  .  50 

8.4  Update  Files  (Database)  .....  51 

8.5  Model  Flow  Diagram  .....  52 

8.6  Control  Sets  Flow  Diagram  (Model)  . 53 

8.7  Sensitivity  Analysis  Flow  Diagram  .  54 

8.8  Control  Strategy  Flow  Diagram  (Sena.  Analysis)  .  .  55 

8.9  Graphics  Flow  Diagram  (Sens.  Analysis)  .  56 

8.10  The  Refined  Software  Structure  .  57 

9.1  Drive  Definition  .  60 

9.2  Directory . 61 

9.3  Data  Entry . 62 

9.4  Main  Menu . 63 

9.5  Model  Menu  and  Cost  Level  Entry . 64 

9.6  Sensitivity  Analysis  Menu  . . 65 

9.7  An  Expected  Losses  Report  .  66 

9.8  A  Control  Effectiveness  Report  .  67 

9.9  A  Control  Sets  Report . 68 

9.10  The  Print  Menu . 69 

9.11  Graphical  Analysis  using  Curves  .  70 

9.12  Graphical  Analysis  using  Histograms  .  71 

9.13  The  most  Effective  Control  Strategy . 72 

9.14  The  most  Cost-Effective  Control  Strategy  .  73 

9.15  Database  Menu  . . 74 


ACKNOWLEDGEMENTS 


At  the  completion  of  this  research  the  author  wishes  to 
express  his  gratitude  as  well  as  his  personal  sincere 
appreciation  to  professors  T.  X.  Bui  and  N.  R.  Lyons  for 
their  assistance. 

Furthermore  he  would  like  to  express  his  sincere 
appreciation  to  his  parents  Antonios  and  Alexandra  for 
their  spiritual  support. 

Finally,  the  author  dedicates  this  thesis  to  his  wife 
Anastasia,  who  has  always  encouraged  and  helped  him  during 
his  efforts  for  education  and  continuous  self  improvement. 


I 


INTRODUCTION 


A.  DEFINITION  OF  THE  PROBLEM 

Management's  concern  over  adequate  controls  is  useless 
if  the  data  processing  system  designers,  EDP  auditors  and 
their  managers,  do  not  have  the  proper  training  and  control 
techniques  to  utilize  when  designing  or  reviewing  the 
controls  associated  with  computer  systems. 

No  one  has  ever  made  a  convincing  estimate  of  the  total 
cost  of  intentional  and  unintentional  loss-causing  acts 
associated  with  Electronic  Data  Processing  (EDP)  processes, 
but  it  is  clear  that  the  cost  is  high.  Recently,  many 
articles  in  professional  journals  as  well  as  textbooks  on 
EDP  controls  have  been  published  responding  to  the  urgency 
of  protection  and  prevention  of  computer  failures  and 
frauds.  Most  of  these  studies  focus  on  the  identification 
of  potential  exposures,  understanding  of  current  control 
technology  and  the  elaboration  of  EDP  audit  trails.  These 
articles  also  refer  to  the  importance  of  estimating  costs 
and  benefits,  the  integration  of  different  audit  processes, 
and  the  various  natures  of  computer  failures  and  correspond¬ 
ing  protection  and  prevention  measures  CRef .  1  and  2) . 
However  a  more  formalized  methodology  remains  to  be  desired. 

As  a  consequence  of  this  lack  of  formalized  framework, 
the  design  of  EDP  control  systems  frequently  relies  on 
subjective  estimations  of  the  'EDP  controller'  or  the 
'evaluator'  for  performing  Cost-Effectiveness  Analysis 
(CEA).  This  approach  has  two  major  disadvantages.  First,  the 
dense  and  complex  inter-relationships  between  potential 
computer  errors  and  related  types  of  control  procedures  may 
make  difficult,  if  not  impossible,  for  the  EDP  auditor  to 
capture  the  totality  of  the  problem.  Second,  the  combined 
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use  of  control  procedures  may  cause  uncontrollable  and 
undesirable  effects.  For  example.  over-auditing  reduces  the 
throughput  of  the  computer  system  due  to  delays  caused  by 
redundant  control  measures,  or  under-auditing  reduces  the 
protection  effectiveness  due  to  incomplete  control  measures. 

B.  THE  NEED  FOR  CONTROL  AND  SECURITY  OF  COMPUTER  SYSTEMS 

The  management  of  an  entity  is  responsible  for 
establishing  and  maintaining  adequate  controls.  The 
establishment  and  maintenance  of  a  system  of  controls  is  a 
significant  management  obligation. 

A  complex  on-line  data  communication-oriented  system 
consists  of  various  combinations  of  hardware,  software, 
facilities,  people,  and  the  policies  and  procedures  that 
interrelate  these  components.  The  many  diverse  components 
and  potential  entry-points  into  a  complex  on-line  system 
make  it  possible  for  a  person,  with  sufficient  technical  or 
applications  knowledge,  to  enter  the  system  and  make 
unauthorized  manipulations  of  data,  programs,  or  operational 
procedures.  Furthermore,  control  procedures  for  an  on-line 
system  cut  across  many  lines  of  responsibility  within  an 
organization,  creating  a  control  problem  in  Itself. 

As  the  number  of  more  sophisticated  computer  installa¬ 
tions  increases  rapidly,  computers  are  taking  on 
increasingly  responsible  work.  The  more  vital  the  work  of 
the  computer,  the  more  important  is  to  protect  it  from 

failure  and  catastrophe,  and  from  criminals  and  people 
who  misuse  its  power.  The  following  are  typical  cases  of 
critical  computer  implementations  [Ref.  31: 

•  A  large  city  uses  a  computer  for  controlling  its 

police  operations.  All  police  vehicles  and  ambulances 
are  dispatched  by  men  using  terminals  that  inform  them 
of  the  current  emergencies.  If  the  computer  system  was 
put  out  of  action,  many  of  the  operations  could  not  be 
controlled . 

•  747s  approaching  a  congested  airport  are  prevented 

from  colliding  by  a  computerized  air  traffic  control 


system.  The  air  traffic  density  has  been  allowed  to 
increase  to  such  a  level  that  it  could  not  be  handled 
without  the  computer  system. 

•  A  variety  of  nuclear  weapon  systems  are  under  computer 
control.  The  decision  to  launch  a  defensive  nuclear 
attack  is  made  by  men  reacting  quickly  to  information 
from  computer  systems. 

■  Commercial  data  banks  contain  trade  secrets  and  other 
information  that  could  be  worth  many  millions  of 
dollars  to  the  competitors. 

Functions  like  these  demand  for  data  integrity,  security 
and  privacy.  The  data  processing  function  must  not  loose 
vital  data,  introduce  errors  into  them  and  permit  unauthori¬ 
zed  persons  to  read  or  modify  the  data. 


C.  SCOPE  OF  THE  THESIS 

A  conventional  life  cycle  of  a  computer  audit  process 
consists  of  the  following  six  phases: 

1.  Information  gathering. 

2.  Evaluation  of  current  control  technique. 

3.  Identification  of  new  control  measures  or  strategies. 

4.  Selection  of  control  strategy. 

5.  Implementation. 

6.  Ex-post  evaluation. 

This  thesis  concentrates  only  on  the  fourth  phase, 
the  selection  of  control  strategy,  attempting  to  apply  the 
Decision  Support  Systems  <DSS>  technology  into  the  cost 
effectiveness  auditing  process. 


D.  OBJECTIVE 

The  objective  of  the  thesis  is  to  introduce  a  D5S  for 
CEA.  This  may  help  EDP  auditors  and  computer  center  managers 
to  design  successful  EDP  control  and  security  systems,  and 
monitor  the  effectiveness  of  the  existing  ones. 

The  issue  of  interactiveness  seems  to  be  critical  in 
thi3  context  since  the  process  of  controlling  EDP  systems  is 


expected  to  be  not  frequent.  The  importance  of  interactive¬ 
ness  is  further  accentuated  when  EDP  controllers  face  a 
large  combination  of  controls.  Assuming  that  the  DSS 
learning  curve  of  the  end-user  is  low  to  none,  the  proposed 
DSS  emphasizes  on  the  user  friendliness  of  the  system. 

E.  CHAPTER  OUTLINE 

Chapter  2  gives  a  summary  description  of  the  CEA  Model 
that  the  DSS  attempts  to  apply.  The  third  chapter  provides  a 
framework  addressing  user  requirements  and  functions  that 
the  DSS  has  to  meet. 

The  fourth  chapter  is  concerned  about  the  detail  design 
of  the  Dialog  Component  of  the  system.  The  fifth  chapter 
discusses  the  design  of  the  Model  Component.  The  sixth 
chapter  describes  the  design  of  the  Data  Component,  and  the 
seventh  chapter  focuses  on  the  Database  design  which  is  part 
of  the  Data  Component. 

The  implementation  of  the  DSS,  along  with  implementation 
problems  encountered,  is  discussed  in  chapter  8.  Chapter  9 
gives  an  example  of  the  system's  operation  simulating 
the  selection  of  control  strategy  process. 

Finally,  possible  future  extensions  of  the  proposed  DSS 
and  concluding  comments  are  discussed  in  the  last  chapter. 
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II 


The  purpose  of  a  cost-effectiveness  analysis  is  to 
determine  the  moat  cost  effective  control  strategy  to  reduce 
or  eliminate  potential  errors  and  failures.  It  has  been  a 
generally  accepted  view  that  CEA  is  best  used  when  it  is 
integrated  in  the  whole  audit  process.  Some  definitions  of 
the  basic  concepts  are  necessary  to  the  understanding  of 
the  CEA  Model  [Ref.  43. 

A.  DEFINITIONS  OF  BASIC  CONCEPTS 

1 .  The  Concept  of  Exposures 

The  key  element  to  start  a  CEA  is  not  control  but 
exposure.  The  concept  of  exposure  is  based  on  the  assumption 
that  the  degree  of  vulnerability  of  computer  systems  may  be 
reduced  by  enforcing  EDP  control  measures,  but  cannot  be 
totally  eliminated  due  to  some  errors  that  remain  unpredict¬ 
able  or  unable  to  fully  corrected. 

2.  Costs  of  Controls 

Costs  of  EDP  controls  include  all  costs  associated 
with  the  design,  implementation  and  use  of  the  controls. 
With  experience  gained  in  designing  and  implementing  control 
systems,  the  costs  become  easier  to  be  identified  and 
quantified . 

3.  Benefits  of  Controls 

The  identification  and  quantification  of  benefits 
derived  from  control  measures  is  very  difficult.  One  way  to 
look  at  benefits  is  to  interpret  them  as  a  function  control 
effectiveness . 
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Effectiveness  of  Controls 

The  effectiveness  of  a  control  is  the  extent  to 
which  this  control  can  reduce  or  minimize  the  probability 
that  an  exposure  occurs,  reduce  the  damage  if  an  exposure 
happens,  and/or  recover  quickly  from  a  damage.  Therefore 
the  reliability  or  performance  of  a  control  can  be  expressed 
as  a  percentage  of  control  effectiveness  relative  to  the 
related  exposure. 


Interdependencies  between  Controls 


Often,  a  control,  though  primarily  aimed  at  correct¬ 
ing  a  specific  exposure,  may  affect  one  or  more  other 
exposures.  Such  interdependencies  may  dramatically  affect 
the  effectiveness  of  an  EDP  control  system. 


B.  ASSUMPTIONS 


The  model  assumes  that  the  following  conditions  hold: 

Managers  and  auditors  have  limited  time  and  capital 
resources  for  EDP  controls. 

Each  corporate  computer  system  is  characterized  by 
its  specific  and  unique  control  structure. 

Independence  between  potential  failures  or  errors 
within  a  computer  system. 

Each  applied  control  is  expected  to  prevent,  correct 
or  eliminate  one  or  more  potential  errors,  and/or 
affect  others  positively  or  negatively. 

Costs  for  EDP  controls  are  known  and  quantifiable 


C.  SUMMARY  DESCRIPTION  OF  THE  MODEL 

Table  1  lists  all  the  variables  involved  in  the  mathema¬ 
tic  formulas  of  the  model.  The  CEA  Model  consists  of  the 
following  steps: 

1 .  Define  all  Possible  Control  Sets 

A  control  set  is  simply  a  combination  of  different 
available  EDP  controls.  If  there  are  n  independent  controls. 
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TABLE  1 


DEFINITION  OF  VARIABLES  USED  BY  THE  MODEL 


Symbol 

m 

n 


Description 

Number  of  potential  errors  or  exposures 
Number  of  individual  control  activities 
Control  activity,  where  i  *  1  to  n 


Costs  of  implementing  a^ 

Number  of  control  seta 
Control  set,  where  k  =1  to  S 
Potential  error  or  exposure,  where  j  3  1 
Probability  that  e^  occurs 
Amount  of  damage  when  e^  occurs 
Expected  damage  caused  by  e^ 
Effectiveness  of  control  ai  on  exposure 
Expected  benefits  obtained  from  a^ 
Expected  benefits  obtained  from  s^ 
Expected  loss  resulted  in  using  s^ 

Costa  of  implementing  s^ 

Total  cost  associated  with  s 


to 


m 


L8 


the  maximum  number  of  control  sets  is  defined  as  follows: 


n 

5  =  Z  In!  /  (i!  •  (n  -  i)!)J 

i  =  1 


This  combinatorial  approach  provides  an  exhaustive 
identification  of  control  seta.  However,  it  may  lead  to  a 
huge  amount  of  possible  combinations,  when  n  becomes  big. 


Compute  Expected  Cost  due  to  EDP  Exposures 


Expected  losses  due  to  occurrence  of  EDP  exposures 
can  be  estimated  using  the  weighted  probability  function, 
the  P.E.R.T.  method  under  the  Accounting  definition,  and/or 
the  ranking  method. 

Under  the  weighted  probability,  given  an  exposure, 
the  probability  0f  its  occurrence,  and  the  amount  of  its 
damage,  the  expected  loss  is  defined  as  follows: 


=  PrtOj) 


Under  the  P.E.R.T.  method,  given  an  exposure  and  the 
smallest  <  11  ^ )  ,  the  most  likely<12;J>  and  the  largest<13^) 
estimated  dollar  losses  if  the  exposure  occurs,  the  expected 
loss  is  defined  as  follows: 

1  =  <11  ♦  12,  +  13  >  /  6 
3  3  3  3 


The  Ranking  method  is  based  on  two  types  of  subject¬ 
ive  rating  scales  related  to  the  Rank  P  and  the  Rank  Q. 
Rank  P  is  the  probability  of  occurrence  of  computer  failures 
and  Rank  Q  is  the  amount  of  damage  caused  by  a  potential 
exposure.  Given  P  and  0,  the  expected  loss  can  be  computed 
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Compute  the  Value  of  each  Control  Activity 


The  value  of  a  control  activity  a.  is  defined  as 

1 

the  sum  of  the  products  between  the  expected  amount  of 
damage  1^  and  the  effectiveness  of  a^  on  exposure  e^ : 


v 

i 


m 

Z  Cl 
3  =  1  3 


) 


4.  Compute  the  Total  Value  of  each  Control  Set 


The  calculation  of  the  value  of  each  control  set 

must  take  into  consideration  30int  effects  of  multiple 

control  activity  on  single  exposure.  For  all  a  contained 

ins  : 
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5.  Compute  the  Total  Expected  Loss  for  each  Control  Set 


The  enforcement  of  control  measures  is  likely  to 
reduce  the  probability  of  occurrence  of  computer  failure 
and,  consequently,  the  expected  loss.  However  the  reduction 
of  expected  loss  is  effective  only  on  the  exposures  that  are 
affected  by  controls.  The  computation  of  expected  losses 
includes  3oint  effects  of  control  activities.  Thus,  for  all 
a  in  s,  : 
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The  cost  of  the  control  set  C,  .  is  the  sum  of  the 

k 

costs  of  the  individual  control  activities  in  the  set: 

n 

C,  =  2  c,  if  a.  €  s.  ,  k  =  l.S 

k  i  i  k 

7.  Compute  the  Benefit  Cost  Ratio  for  each  Control  Set 

The  Cost  Benefit  Ratio  of  a  control  set  s,  can  be 

k 

defined  as  the  gross  value  of  s^(step  4)  divided  by  the 
total  cost  of  the  setCstep  6): 

BCR  =  V.  /  C.  where  k  =  1,5 

K  K 

8.  Compute  Total  Expected  Cost  for  each  Control  Set 

The  total  expected  cost  for  the  control  set  is  the 

sum  of  the  total  cost  of  control  C.  plus  the  total  expected 

k 

loss : 

TC,  *  C,  +  L,  where  k  =  1,3 

k  k  k 

9.  Select  the  Optimal  Control  Set 

The  determination  of  an  optimal  control  set  depends 
on  the  selection  criterion  adopted  by  EDP  managers  or 
auditors.  One  can  either  choose  the  control  set  that  minimi¬ 
zes  the  total  expected  cost(TC^)  or  the  one  that  maximizes 
the  Benefit  Cost  RatioCBCR).  BCR  represents  the  amount  of 
benefits  obtained  per  unit  of  cost  of  the  investment. 


Figure  2.1  represents  the  whole  process  of  the  CEA 


Figure  2 . 1 


The  Proceaa  of  the  CEA  Model 
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THE  DSS  FRAMEWORK 


The  literature  on  DSS  agree  upon  the  emergence  of  the 
three  main  components  of  a  DSS:  the  Dialog  component,  the 
Model  component  and  the  Data  component.  The  separation  of 
these  components  can  result  in  simplicity  of  development  and 
maintenance  CRef.  5].  Although  these  advantages  are  extreme¬ 
ly  desirable,  there  are  cases  where  the  complexity  of  the 
model  component  makes  the  complete  separation  ineffective. 

The  CEA-DSS  falls  in  that  category  because  the  nature  of 
the  CEA  Model  requires  a  fairly  complex  and  restrictive  User 
Interface.  The  Quick-hit  development  strategy,  according  to 
which  the  DSS  has  been  developed,  consists  of  using  the 
latest  technology  to  quickly  design  a  low-cost  system  for 
immediate  pay-off  CRef.  63. 

A.  THE  ROLES  AND  FUNCTIONS  OF  THE  CEA-DSS 

From  the  decision  maker  point  of  view,  the  user  may 
expect  CEA-DSS  to  perform  the  following  functions: 

•  Save  substantial  amount  of  time  to  generate  the 
numerous  alternative  control  combinations. 

•  Support  him  or  her  to  evaluate  the  alternatives  and 
choose  among  them  the  alternative  that  fits  better  at 
the  particular  situation  according  to  the  available 
budget . 

•  Provide  the  capability  to  monitor  EDP  control  and 
security  systems  in  terms  of  Cost-Effectiveness. 

•  Provide  graphical  and  tabular  analyses  to  help  the 
decision  maker  select  close  alternatives. 

From  a  system  analysis  viewpoint  ,  CEA-DSS  essentially 
performs  the  roles  of  data  analysis  and  generation  of 
expected  costs  and  benefits  of  control  strategies.  Data 
analysis  also  allows  the  decision  maker  to  sort  the  data. 
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THE  SYSTEM  RESOURCES 


Decision  processes  are  dependent  on  variations  m 
decision  makers,  i.e.  users,  as  well  as  types  of  problems  or 
tasks.  Observations  on  decision  makers  indicate  that: 

•  Many  users  have  trouble  describing  a  decision-making 

process.  They  seem,  instead,  to  rely  on 

conceptualizations,  such  as  graphs  or  tables,  when 
making  or  explaining  a  decision  [Ref.  73.  Thus  the  DSS 
must  help  the  user  to  conceptualize  a  problem. 

•  Users  need  memory  aids  [Ref.  83 .  These  memory  aids 

may  be  physical,  such  as  scratch  paper,  memos,  or 
reports.  The  DSS  should  provide  memory  aids  compatible 
with  their  needs.  Directories,  databases,  workspaces, 
triggers  are  some  typical  memory  aids  the  DSS  should 
provide  the  user. 

•  Users  have  different  styles,  skills  and  knowledge 

[Ref.  93 .  Therefore,  if  the  DSS  is  designed  to  support 
a  specific  process,  it  would  probably  support  a 

specific  set  of  styles,  skills  and  knowledge. 

•  Users  expect  to  exercise  control  over  the  DSS.  Direct 
control  of  the  DSS  allows  the  DSS  to  satisfy  the 
different  styles  mentioned  above.  The  user  must 
understand  what  the  DSS  can  do  and  be  able  to  interpret 
its  outputs. 


IV.  THE  DIALOG  COMPONENT 


The  dialog  component  is  the  most  elegant  part  of  the 
DSS  design.  There  are  no  absolute  rules  or  algorithms  for 
the  design  process.  It  is  often  left  upon  the  intuition  of 
the  designer  to  balance  user  requirements  with  system 
requirements  and  provide  the  optimal  dialog  component. 

The  dialog  component  of  the  CEA-DSS  consists,  at  least 
conceptually,  of  the  following  three  main  units: 

•  The  user  interface. 

•  The  intermodule  linkage. 

•  The  control . 

A.  THE  USER  INTERFACE 

The  user  interface  unit  provides  the  link  between  the 
user  and  the  system.  Its  primary  concern  is  to  make  the 
system  'user  friendly'.  Even  if  a  DSS  provides  extremely 
powerful  functions,  it  may  not  be  used  if  the  user  interface 
is  unacceptable. 

For  the  CEA-DSS  a  full  screen  frame  is  the  standard 
presentation  of  the  system  to  the  end-user.  The  user,  having 
only  one  screen  format  to  deal  with,  gets  familiar  with  the 
system  faster. 

The  man-machine  interaction  is  carried  out  through 
menus,  quest  ions/ answers ,  messages,  input/output  forms, 
iraphscs,  printed  reports  and  a  help  facility. 

i .  The  Frame 

Kiqure  4.1  shows  the  frame  of  the  CEA-DSS.  It  is 

divided  into  the  following  areas: 

The  PROBLEM  area.  In  this  area  appears  the  description 
of  the  problem  currently  processed. 
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•  The  ACTION  area.  This  area  informs  the  user  about,  which 
part  of  the  system  is  currently  accessed. 

•  The  WORK  area.  This  is  the  place  where  the  greatest 
part  of  the  dialog  is  accomplished.  All  the  menus, 
messages,  input/output  forms  and  the  directory  of  the 
DSS  appear  here. 

.  The  SUBMENU/SELECTION  area.  In  this  area  appear 
submenus  in  line  format  and  the  user  is  asked  to  make  a 
selection.  This  area  is  also  reserved  for 
question/answers  and  the  'press  any  key..'  prompt, 
reminding  the  user  that  the  system  is  waiting  for  some 
action. 


Figure  4.1  The  Frame  of  the  CEA-DSS 


2 .  The  Menus 

The  menus  of  the  CEA-DSS  are  organized  in  a  four 
level  tree  hierarchy.  The  root  of  the  tree  is  the  MAIN  MENU 
of  the  system.  From  this  menu  can  be  called  any  menu  that 
belongs  in  the  second  level.  The  latter  contains  has  the 
DATABASE  MENU,  the  MODEL  MENU,  and  the  SENSITIVITY  ANALYSIS 
MENU.  The  third  level  consists  of  the  database  submenu,  the 


CONTROL  STRATEGY  MENU,  the  GRAPHICS  MENU  and  the  PRINT 
MENU.  Finally,  in  the  fourth  level  there  are  the  control 
strategy,  the  graphics  and  print  submenus.  Figure  4.2  shows 
the  tree  hierarchy  of  the  menus. 

One  level  at  a  time,  upwards  or  downwards,  is 
allowed  for  the  same  branch  of  the  tree.  Changes  from  one 
branch  to  another  require  the  control  to  be  routed  up  to  the 
root  of  these  two  branches.  Although  this  is  a  little 
restrictive  for  the  user,  it  improves  the  indermodular 
independence  and,  consequently,  the  overall  control  and 
clarity  in  the  system. 

All  the  menus,  submenus  not  included,  have  their  own 
help  command  which  the  user  may  use  to  get  some  useful 
information  about  the  area  of  the  DSS  he/she  is  currently 
accessing.  Most  of  the  menus  are  discussed  in  Chapter  9. 

3 .  Quest ions /Answers 

There  are  a  few  questions/answers  in  the  CEA-DSS. 
They  are  used  either  in  cases  where  the  system  must  be 
reassured  that  the  user  made  the  correct  selection,  or  for 
single  data  entries. 

4 .  Messages 


Messages,  almost  always,  appear  at  the  center  of  the 
work  area  accompanied  by  a  ''beep'  sound.  Messages,  according 
the  reason  of  their  initiation,  fall  into  the  following 
three  categories: 

•  Trigger  Messages.  These  remind  the  user  that  certain 
operations  may  need  to  be  performed  that  the  system 
cannot  accomplish. 

•  Informal  messages.  They  inform  the  user  about  what 
process  is  the  system  performing.  The  primary  concern 
of  this  category  is  to  cover  the  gaps  in  the  dialog 
caused  by  time  consuming  processes. 

.  Error  Messages.  They  are  initiated  when  the  user 
supplies  the  system  with  incorrect  entries.  While 
editing  exposures  or  controls,  'beep'  sounds  notify  the 
user  for  entry  errors. 


SUBMENU  SUBMENU  SUBMENU 


All  messages  along  with  the  reason  that  causes  their 
initiation  are  listed  in  Appendix  A. 

5 .  Inout/output  Forms 

The  system  needs  only  three  forms  for  its  operation. 
Two  of  them  are  input/output  forms  and  one  output  form.  One 
input/output  form  is  dedicated  to  the  Control  activities  and 
the  other  one  to  the  Exposures.  Both  are  used  by  the 
Database  Management  System  for  editing  purposes.  The  output 
form  is  used  by  the  Sensitivity  Analysis  for  presenting 
the  moat  effective  or  most  cost  effective  Control  Strategy. 

Figure  4.3  shows  the  two  input/output  forms.  Fields 
filled  with  Xs  indicate  that  any  character  is  valid,  while 
9s  represent  numeric  characters  only.  Notice  that  the 
control  input/output  form  is  a  variable  one.  The  number  of 
the  "Effectiveness  on  Exposure”  fields  that  appear  on  the 
form  depends  on  the  number  of  Exposures. 

6.  Graphics 

The  objective  of  the  graphics  part  is  to  help  the 
user  conceptualize  the  differences  among  alternatives  over 
the  cost  range  he/she  prefers.  Graphics  can  also  be  used  to 
supply  parameters  for  the  operations.  For  example,  a  point 
selected  on  a  graph  can  identify  a  key  value  that  will  be 
used  to  retrieve  detailed  information.  Representations  like 
curves  and  histograms  are  the  most  appropriate  for  this 
particular  application. 

7 .  Printed  Reports 

Although  not  technically  a  part  of  the  DS5,  printed 
reports  are  aimed  to  provide  the  user  with  an  easy-to-read 
summary  of  the  processed  problem.  This  summary  consists  of 
the  exposure  table,  the  control  table  and  the  listing  of 
the  sets  generated  by  the  model .  The  user  may  select  any  of 
these  reports  or  all  of  them  to  be  printed. 


RFrROOUCED  AT  GOVERNMENT  EXPENSE 


PROBLEM:  PROBLEM! 


ACTION:  ADD  EXPOSURE 


Index :01  Description:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX  j 

WEIGHTED:  Damage: $99999999 

Probability:0.999 

i 

i 

P.E.R.T:  Seal lest :$9999999! 

Host  Likely:$99999999 

Largest: $99999999 

RANKS:  Rank  P:9.999 

Rank  0:9.999 

Rank  P  Daaage  caused  by  error 

Rank  Q 

Damage  caused  by  failure  ; 

0  virtually  impossible 

0 

negligible  j 

1  eigfit  hapoen  once  in 

400  years 

1 

about 

$10 

£  might  happen  once  in 

40  years 

2 

about 

$100 

3  might  happen  once  in 

4  years 

3 

about 

$1,000  ! 

4  might  happen  once  in 

100  days 

4 

about 

$10,000  j 

5  might  haopen  once  in 

10  days 

5 

about 

$100,000  1 

6  might  hapoen  once  in 

1  day 

6 

about 

$1,000,000  j 

7  might  happen  ten  times  a  day 

7 

over 

$1,000,000  I 

IS  RECORD  CORRECT  (Y/NP  : 

i 

i 

i 

Today  Is:  8/19/1985 

!  PROBLEM:  PROBLEM! 


ACTION:  ADD  CONTROL 


Inoex:01 


Descr-iotxor.:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 


Cost: $99999995 


!  Effect 
j  Effect 
i  Effect 
i  Effect 
l  Effect 
Effect 
Effect 
Effect 
Effect 
Effect 
Effect 
Effect 


iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 

iveness 


on  Exposure  1 
on  Exoosure  £ 
on  txoosure 
on  Exposure 
on  Exoosure 
on  Exposure 
on  Exoosure 
on  Exoosure  8 
on  Exoosure  9 
on  Exoosure  10 
on  Exoosure  11 
on  Exoosure  12 


0.993 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 

0.999 


Effectiveness  on  Exposure  15:  0.999 
Effectiveness  on  Exposure  14:  0.999 
Effectiveness  on  Exposure  15:  0.999 
Effectiveness  on  Exoosure  IE:  0.999 


i 


IS  RECORD  CORRECT (Y/NP  : 


i  Tooav  Is:  8/19/1985 

I 


Figure  4.3  Input/output  Forms 
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The  purpose  of  the  help  facility  is  to  provide  the 
user  with  on-line  information  about  the  specific  area  of  the 
system  he/she  is  currently  accessing.  Each  help,  one  for 
each  menu,  is  written  in  such  a  level  of  detail  that  enables 
its  presentation  in  one  full  screen  frame  only.  All  help 
documents  appear  in  Appendix  B. 

B.  THE  INTERMODULE  LINKAGE 

This  unit  assures  the  liaisons  with  the  model  and  the 
data  component.  Usually,  it  is  maintained  by  a  set  GOTO, 
CASE  and  IF_THEN_ELSE  statements.  Its  nature  and  structure 
are  highly  dependent  on  the  programming  language  and  the 
hardware  configuration  being  used  for  the  CEA-DSS. 

C.  THE  CONTROL 

On  the  one  hand,  as  in  section  3.B  stated,  users  expect 
to  exercise  control  over  the  DSS.  On  the  other  hand,  the 
system  has  to  control  its  processes  to  assure  an  error  free 
operation,  not  affected  by  incorrect  entries  and  requests. 
The  control  unit  is  the  part  of  the  dialog  component  which 
bridges  these  two  requirements.  It  i3  the  filter  between  the 
user  interface  and  the  intermodule  linkage  unit.  Validation 
of  input  data  and  verification  of  user  requests  are  its 
primary  functions.  All  the  error  messages  are  initiated  by 
this  unit.  Finally,  it  can  be  stated  that  the  control  unit 
provides  the  boundaries  within  which  the  user  is  allowed  to 
control  the  process. 
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V.  THE  MODEL  COMPONENT 


The  most  important  units  of  the  model  component  are 
the  Model  Base, the  Model  Base  Management,  the  Model  executi¬ 
on,  the  Sensitivity  Analysis,  the  Dialog  Interface  and  the 
Data  Interface. 

A.  THE  MODEL  BASE 

The  following  five  routines,  required  for  the  CEA  Model, 
are  the  content  of  the  model  base  for  the  CEA-DSS.  (The 
mathematical  definition  of  these  methods  was  discussed  in 
section  2 . C) . 

1 .  The  Weighted  Method 

This  routine  computes  the  expected  cost  due  to  EDP 
exposures  using  the  weighted  probability  function.  It 
retrieves  the  required  data,  directly  from  the  data  base, 
manipulates  the  data  and  stores  the  results  in  memory  for 
subsequent  computations. 

2.  The  P.E.R.T,  Method 

It  is  exactly  the  same  with  the  Weighted  Method 
routine  except  that  it  uses  the  P.E.R.T.  method  to  compute 
the  expected  cost  due  to  EDP  exposures. 

3.  The  Ranking  Method 

Similar  to  the  others,  it  computes  the  expected  cost 
due  to  EDP  exposures  using  the  Ranking  Method. 

4 .  The  Effective  Control 


The  role  of  this  routine  is  twofold:  To  compute  the 
Value  of  each  Control  activity  and,  if  possible,  to  reduce 


the  number  of  the  control  activities  that  will  be  actually 
used  in  the  generation  of  the  control  sets.  The  routine, 
having  the  results  of  one  of  the  tree  methods,  retrieves, 
directly  from  the  database,  data  related  to  the  Control 
activities.  For  each  Control,  it  computes  first  the  value 
and  then,  it  compares  that  value  with  the  associated  cost. 
If  the  value  is  greater  that  the  cost,  the  result  is  sent  to 
a  secondary  storage  for  subsequent  computations.  If  the 
value  is  less  or  equal  to  the  cost,  the  Control  activity  is 
ignored . 

5.  The  Control  Sets 

The  output  of  the  Effective  Control  routine  is  used 
by  the  Control  Sets  to  generate  the  control  sets,  ^or  each 
control  set  it  computes  the  steps  4  to  8  described  in  the 
CEA  model.  If  the  Total  Value  of  the  set  is  greater  than  its 
cost,  the  set  is  stored  in  the  database  for  decision 
analyses  support,  otherwise  it  is  ignored. 

B.  THE  MODEL  BASE  MANAGEMENT 

The  role  of  the  Model  Base  Management  is  to  coordinate 
the  model  base  and  the  data  analysis  functions.  Since  the 
CEA-DSS  is  aimed  to  support  only  the  model  described  in 
Chapter  II,  the  Model  Base  Management  does  not  provide  for 
on-line  modeling  or  model  update  and  restructure. 

Its  most  important  function  is  to  enable  the  user  to 
utilize  the  model  base  fully  for  decision  support  and  to 
perform  analysis  of  the  results.  This  function  is  performed 
by  iterative  rerun  of  the  model. 

Also,  it  is  responsible  to  update  the  Problem  record, 
kept  in  the  directory  of  CEA-DSS,  with  key  information  about 
the  model  runs.  Thus,  any  future  reference  to  this  problem 
will  not  require  any  model  execution,  except  if  modifica¬ 
tions  take  place  on  the  initial  data  or  on  the  cost  range. 
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MODEL  EXECUTION 


Contains  statements  to  call  routines  from  the  model 
base.  It  controls  the  execution  of  the  model  assuring  the 
logical  sequences  of  computation. 

D.  SENSITIVITY  ANALYSIS 

The  Sensitivity  Analysis  unit  helps  the  user  analyze  the 
results  of  the  model  runs.  It  is  directly  controlled  by  the 
dialog  component.  This  unit  consists  of  all  the  routines 
associated  with  graphic  representations,  control  strategy 
selection  and  hard  copy  reports. 

Input  data  for  the  sensitivity  analysis  are  the  control 
sets  in  the  set  files.  As  stated  earlier,  a  model  run  may 
produce  thousands  of  control  sets.  Therefore,  it  is  usual 
several  control  seta  to  have  exactly  the  same  cost.  Since 
the  amount  of  data  is  huge  and  the  analysis  is  primarily 
based  on  costs,  the  control  sets  in  a  set  file  must  be 
indexed  on  their  cost.  This  creates  the  requirement  for  the 
database  system  to  provide  for  direct  file  access  and  to 
allow  the  existence  of  duplicate  Keys  within  the  same  index. 

E.  DIALOG  INTERFACE 

The  model  component  is  directly  interfaced  with  the 
dialog  component  in  order  the  user  to  gain  control  over  its 
processes.  He/she  is  able  to  select  the  desired  statistical 
method  and  cost  range  for  a  model  run  and  the  cost  range  for 
the  data  analysis  process. 

F.  DATABASE  INTERFACE 

The  model  component  is  directly  interfaced  with  the  data 
component.  This  enables  the  model  component  to  create  and 
delete  the  set  files  where  the  generated  control  sets  are 
stored . 
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VI .  THE  DATA  COMPONENT 

The  data  component  consists  of  two  main  units.  The 
the  Database  Management  System  and  the  Database  discussed 
in  the  next  chapter. 

A.  THE  DATABASE  MANAGEMENT  SYSTEM  (DBMS) 

The  complexity  of  the  Dialog  component  and  the  Model 
component,  as  well  as  the  effective  and  efficient  operation 
of  the  system  lead  to  the  selection  of  a  Relational  Database 
system.  One  characteristic  of  a  Relational  Database  is  the 
use  of  fixed  length  records.  However,  variable  length 
records  cannot  be  avoided.  Since  the  data  component  requires 
functions  like  addition,  deletion  and  modification  on  data, 
the  elimination  of  modification  anomalies  seems  to  be  of 
high  priority. 

The  DBMS  provides  capabilities  for  sequential,  indexed 
sequential  and  direct  file  access.  Indexes  are  organized  as 
B-trees.  In  a  B-tree,  a  data  unit  is  accessed  by  using  a 
key.  Any  given  key,  primary  key,  is  related  to  one  and  only 
one  data  unit  in  a  data  file.  The  system  permits  also  the 
existence  of  duplicate  keys  or  secondary  keys,  which  are  of 
great  importance  for  the  sensitivity  analysis  as  discussed 
in  the  previous  section. 

B.  FILES  USED  BY  THE  SYSTEM 

Files  in  the  system  can  be  divided  into  three 
categories,  according  to  their  initial  creation: 

•  Files  created  by  the  data  component.  These  are  the 
directory  of  the  system  and  its  index.  The  directory 
contains  all  the  problems  available  in  the  system's 
library  indexed  on  their  description.  Duplicate  problem 
description  is  not  permitted. 
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*  Files  initiated  by  the  user.  The  Controls  file  and 
the  Exposures  file  fall  in  that  category,  indexed  on 
their  ' index".  Index  is  a  unique  key  generated  by  the 
DBMS  for  management  purposes.  It  keeps  track  of 
modification  anomalies  and  makes  the  user's  work 
easier.  Actually,  it  identifies  the  current  position  of 
the  data  unit  in  the  data  file  and  NOT  the  data  unit 
itself . 

•  Files  created  by  the  model  execution.  Each  time  the 
model  is  executed  for  a  specific  method,  a  set  file  is 
created  indexed  on  set  cost.  Duplicate  keys  are 
necessary  here  because  it  is  possible  several  sets  to 
have  the  same  cost.  These  files  cannot  be  modified  by 
the  user  or  the  system. 


C.  FILE  CREATION/RETRIEVAL 


The  Data  component  has  the  flexibility  to  deal  with 
library  of  problems  and  not  with  only  one  problem.  In  order 
to  achieve  that,  it  must  have  the  ability  to  recognize  and 
retrieve  the  files  related  to  the  problem  in  request,  or  to 
create  files  for  that  problem,  if  it  is  not  found  in  the 
directory  of  the  CEA-DSS.  The  algorithm  followed  is  the 
following : 

•  The  directory  of  the  system  has  the  fixed  file  name 
'PROBLEM'.  The  data  file  has  the  fixed  filetype 
'DTA'and  its  index  the  'IDX'. 

•  All  the  files  created  for  one  problem  have  as  file 
name  the  description  of  the  problem. 

•  The  controls  file  has  as  filetype  the  'DCL'  and  its 
index  the  ' ICL' . 

•  The  exposures  file  has  as  filetype  the  'DXP'  and  its 
index  the  ' IXP' . 


For  the  set  files  the  algorithm  used  is  more 
complicated.  Additionally,  the  DBMS  must  be  provided 
with  an  identifier  indicating  the  method  to  which  the 
set  file  refers.  For  that  reason,  the  filetype  for  set 
files  is  separated  into  to  fields.  The  first  one,  one 
character  long,  identifies  the  method,  and  the  second 
one,  two  characters  long,  identifies  the  data  file  or 
the  index.  For  the  first  field,  the  letters  'W','P'  and 


VII.  DATABASE  DESIGN 


To  some  extent.  Database  design  is  an  intuitive  and 
artistic  process.  There  is  no  algorithm  for  it.  Typically, 
it  is  an  iterative  process.  During  each  iteration,  the  goal 
is  to  get  closer  to  an  acceptable  design.  The  database 
design  is  divided  into  two  phases:  logical  design,  where  the 
needs  of  user  are  specified,  and  the  physical  design,  where 
the  logical  design  is  mapped  into  the  constrains  of  particu¬ 
lar  program  and  hardware  products. 

A.  LOGICAL  DATABASE  DESIGN 

1 .  Logical  Database  Records 

The  database  of  the  CEA-DSS  is  required  to  maintain 
four  different  kinds  of  records.  The  first  one,  the  PROBLEM 
record,  is  the  data  unit  of  the  system's  directory.  Each 
problem  has  its  own  unique  record.  This  record,  except  the 
problem  description,  contains  key  information  about  the 
most  recent  execution  of  the  model  on  that  problem.  The 
second,  is  the  EXPOSURE  record.  This  record  contains  the 
description  of  the  exposure  and  weights  for  the  three 
methods.  The  third,  the  CONTROL  record,  has  the  description, 
the  associated  cost  and  elements  indicating  the  effecti¬ 
veness  of  the  control  activity  on  different  exposures.  The 
last,  the  SET  record,  is  the  output  of  the  model  execution 
and  contains  the  combination  of  the  control  activities,  and 
the  results  of  the  model  run.  Field  descriptions  for  the 
logical  database  records  are  shown  in  Table  2. 

Constraints  on  data  items  appear  on  Table  3.  These 
constraints  are  limitations  on  the  values  that  database  can 
have.  They  are  divided  into  three  groups.  Field  constraints 
limit  the  values  that  a  given  data  element  can  have. 


TABLE  2 


LOGICAL  DATABASE  RECORDS 


Field  Description 

PROBLEM  Record: 


Problem_Descr ipt ion 
Problem, Crest or 
Problem~Date 
Controls_f or_ 

Weigh ted, Met hod 
Controls  for, 

P.E.R.T. ,Method 
Controls_for, 
Ranking_Method 
Weighted  Method, 

Total_Cost_of_Controls 
P.E.R.T.  Method, 

Total, Cost, of _Controls 
Ranking_Method 

Total  Coat  o?  Controls 


Alphanumeric,  8  chara 
Alphabetic,  25  charac 
Format  MM/DD/YY 

Numeric ( integer > ,  2  d 

Numeric ( integer ) ,  2  d 

Numeric ( integer ; ,  2  d 

Numeric ( integer ) ,  10 

Numer l c ( l nteqer ) ,  10 

Numeric ( integer ) ,  10 


EXPOSURE  Record: 

Exposure, Descr ipt ion 
Exposure, Damage 
Exposure_Prodability 
Smallest, Damage 
Most_Likely_Damage 
Largest, Da mage 
Exposure, Ran kP 
Exposure, RankQ 


Alphanumeric,  50  char 
Numeric ( integer >  ,  8  d 
Numer  ic  <■  rea  1 ;  ,  5  digi 
Numer ic < integer ) ,  8  d 
Numer ic ( integer ) ,  8  d 
Numeric ( integer >  ,  8  d 
Numer ic ( real > ,  5  digi 
Numer ic ( real ) ,  5  digi 


CONTROL  Record : 

Control_Descr ipt ion 
Control _Cost 
Control^Eff  ect l veness 
onExposure 


Alphanumeric,  50  char 
Numeric^ integer) ,  6  d 

Numer ic ( real ) ,  5  digits 


SET  Record : 

Set, comb l nation 
Expected, Bene £  its 
Expected, Loss 
Set_Cost 
Expected  Coat 
Benefit  Cost  Ratio 


Numer ic ( bi narv >  ,  variable 
Numer ic ( integer ) ,  10  digits 

Numer ic ( integer ) ,  10  digits 

flumericdnteqer)  ,  10  digits 

Numer ic ( integer ) ,  10  digits 

Numeric(real) ,  5  digits 
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TABLE  3 

CONSTRAINTS  FOR  LOGICAL  DATABASE  RECORDS 


Field  Constraints: 

Problem_Description  must  not  be  null 
Controls_f or_Weighted_Method  must  not  be  0 
Controls_f or_P . E . R . T . _Method  must  not  be  0 
Controls_f or_Ranking_Method  must  not  be  0 
Exposure_Probability  must  be  from  0.000  to  0.999 
Exposure_RankP  must  be  from  0.000  to  7.000 
Exposure_RankQ  must  be  from  0.000  to  7.000 
Control_Ef f ect i veness_on_Exposure  from  0.000  to  0.999 
Benef it_Cost_Ratio  must  be  greater  than  1.000 


Intrarecord  Constraints: 

Most_Likely_Damade  greater  than  Smal lest_Damage 
Largest_Damage  greater  than  Most_Likely_Damage 


Interrecord  Constraints: 


Problem_Descr iption  must  be  unique 
Expoaure_Deacr iption  may  be  unique 
Control_Descr lpt ion  may  be  unique 

The  number  of  Controls_f or_Weighted_Method  fields  must 
be  equal  or  less  than  Ehe  numoer  of 'Control  records. 
The  same  must  be  true  for  the  Control s_± or_P . E . R . T  and 
Ranking_Metnod . 

The  number  of  Control_Effectiveness_on_Exposure  fields 
must  be  equal  to  the  number  of  Exposure  records. 

The  level  of  the  Set. _Comb i  na 1 1 on  must  be  equal  or  less 
than  the  number  of  Control  records. 


I 
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Intrarecord  constraints  limit  values  between  fields  within  a 
given  record.  Interrecord  constraints  limit  values  between 
fields  in  different  records  [Ref  103 . 

2.  Logical  Database  Record  Relationship 

Figure  7.1  shows  possible  relationships  among  the 
records  used  by  CEA-DSS.  This  figure  is  a  data  structure 
diagram.  Single/double  arrow  notation  is  used  to  express  a 
one-to-many  relationship  and  double/double  arrow  represents 
a  many-to-many  relationship. 


Figure  7.1  Data  Structure  Logical  Diagram 

Ji 

The  above  complex  network  is  further  decomposed 
into  trees  in  order  the  database  to  be  able  to  deal  with 
the  data  requirements.  Figure  7.2  shows  the  decomposition 
of  the  complex  network.  It  is  a  four  level  tree  structure 
and  represents  relationships  according  to  the  model  specifi¬ 
cations.  For  clarity  purpose,  the  Exposure  is  represented 
with  the  letter  'E'  and  the  Control  with  the  letter  'C'. 
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The  daehed  lines  connecting  sets  with  controls  and  controls 
with  exposures  indicate  that  it  is  not  necessary  for  a  set 
to  include  all  the  control  activities  or  a  control  activity 
to  influence  all  the  exposures. 


Figure  7.2  Decomposition  of  the  Data  Structure 

3.  Data  Manipulation  i n  the  CEA -DSS  Database 

The  possible  transactions  and  the  data  that  the 
transactions  can  change  are  listed  in  Table  4.  Some  transac¬ 
tions  change  data,  some  add  new  data,  some  delete  data  and 
some  are  simple  queries.  Queries  are  all  the  transactions  in 
the  sensitivity  analysis  part.  No  data  are  modified. 
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TABLE  4 

POSSIBLE  TRANSACTIONS  FOR  THE  CEA-DSS 


Transaction 
NEW  PROBLEM 

DELETE  PROBLEM 


ADD  EXPOSURE 

ADD  CONTROL 
DELETE  EXPOSURE 

DELETE  CONTROL 

EDIT  EXPOSURE 
EDIT  CONTROL 
MODEL  EXECUTION 


Data  or  Transaction  Involved 


Add  one  record  in  the  directory 

Create  Control  and  Exposure  files 

Add,  at  least,  two  Exposures  and 
two  Control  activities 


Erase  Control  and  Exposure  files 

Erase  any  existing  Set  File 

Remove  the  Problem  record  from 
the  directory 

Erase  the  directory,  if  there  is 
not  another  problem  in  it 


Add  one  record  in  the  Exposure  file 
Update  records  in  the  Control  file 


Add  one  record  in  the  Control  file 


Remove  record  from  the  Exposure  file, 
if  it  has  more  than  two  records 

Remove  references  to  this  Exposure 
from  the  Control  records 


Remove  record  from  the  Control  file, 
if  it  has  more  than  two  records 

Modify  record  in  the  Exposure  file 


Modify  record  in  the  Control  file 


Erase  any  existing  Set  file  for  the 
selected  method. 

Create  Set  file 

Add  Control  Sets  in  the  Set  file 

Update  record  of  the  current  problem 
in  the  directory  of  the  systr 


E.  PHYSICAL  DATABASE  DESIGN 


During  the  second  phase  of  the  database  design,  the 
physical  design,  a  transformation  takes  place.  The  logical 
schema  is  transformed  into  the  particular  data  constructs 
that  better  satisfy  the  implementation  requirements  and 
constraints . 

1 .  Design  Constraints 

One  implementation  requirement  for  the  CEA-DSS  is  to 
be  used  on  microcomputers.  This  requirement  along  with  the 
other  requirements,  discussed  in  the  framework,  introduce 
the  following  constraints  for  the  physical  database  design 
phase : 

■  Integer  numbers  are  not  allowed  in  the  system.  All 
numbers  have  to  be  of  type  real  and  will  be  stored 
in  the  system  as  strings  of  characters. 

•  The  length  of  records  in  bytes  must  be  limited  as  much 
as  possible  because  of  microcomputer  limitations. 

■  Since  the  size  of  the  Control  record  depends  on  the 
number  of  the  Exposure  records,  the  number  of  Exposures 
for  one  problem  may  be  24  at  maximum. 

•  The  number  of  control  activities  for  one  problem  are 

limited  to  13  at  maximum.  Three  model  runs,  one  for 
each  method,  for  a  problem  having  13  control 

activities,  may  generate  up  to  24,576  set  records. 
These  records  need  at  least  3  Mbytes  to  be  stored. 

2 .  The  Physical  Schema 

The  Physical  database  records  are  slightly  differen¬ 
tiated  from  logical  records  to  satisfy  the  design 
constraints.  The  field  description  of  the  records  is  shown 
on  Table  5  where  all  numerics  are  of  type  real  and  the 
abbreviation  'char'  instead  of  'character'  is  used. 

Keys  are  identified  according  to  the  data  retrieval 
requirements.  The  record  relationships  and  constraints 
emain  the  same  as  in  the  logical  design. 

The  idea  of  having  flat  files  in  the  database  is 
infeasible  because  of  the  model's  computational  complexity. 


TABLE  5 

PHYSICAL  DATABASE  RECORDS 


Field  Description 

PROBLEM  Record: 

Indexed  on  Problem_Deacr iption 


Problem_Descr iption 
Problem_Creator 
Problem_Date 
Controls.f or. 

Weighted. Method 
Controls  for 

P .  E .  R  .  T  . .Method 
Controls. for 

Ranking  Method 
Weighted  Method. 

Total. Coat .of “Controls 
P.E.R.T.  Method. 

Total. Cost. of .Controls 
Rank  mg^Met  hod 

Total~Cost  o?  Controls 


Alphanumeric,  8  char 
Alphabetic,  25  char 
Format  MM/DD/YY 

Array(1..13)  of  2  char 

Array (1.. 13)  of  2  char 

Array(1..13>  of  2  char 

Numeric,  10  char 

Numeric,  10  char 

Numeric,  10  char 


EXPOSURE  Record: 

Indexed  on  Expoaure.Index 


Exposure. Index 
Exposure. Description 
Exposure. Damage 
Exposure.Probabillty 
Smal lest "Damage 
Most .Like ly_Damage 

Largest. Damage 
Exposure. RankP 
Exposure. RankQ 


Numeric,  2  char 
Alphanumeric,  50  char 
Numeric,  8  char 
Numeric,  5  char 
Numeric,  8  char 
Numeric,  8  char 
Numeric,  8  char 
Numeric,  5  char 
Numeric,  5  char 


CONTROL  Record: 

Indexed  on  Control. Index 

Control .Index 
Control. Description 
Control .Cost 
Control “Effectiveness, 
on. Exposure ( 1 . .24) 


SET  Record : 

Indexed  on  Set. Cost 

Set.  comb  mat  a  on 
Expected. Be nef its 
Ex pec ted. Loss 
Set. Cost 
Expected .Value 
Expected  Cost 
Benefit  Cost  Ratio 


Numeric,  2  char 
Alphanumeric,  50  char 
Numeric,  8  char 

Numeric,  5  char 


Array(1..13>  of  2  char 
Numeric,  10  char 
Numeric,  10  char 
Numeric,  10  char 
Numeric,  10  char 
Numeric,  10  char 
Numeric,  5  char 


Hors  specifically,  the  use  of  flat  files  should  increase 
dramatically  the  time  required  for  a  model  run,  something 
undesirable  for  a  DSS. 

Variable  length  records  are  used  instead.  This 
variability  in  length  results  in  loss  of  storage  capacity 
because  the  record  occupies  space  equal  to  its  maximum 
length  regardless  its  actual  length.  This,  off-course,  is 
the  primary  disadvantage  of  the  variable  length  records,  but 
for  that  particular  application  is  justified  by  the  fact  of 
time  savings. 


VIII 


IMPLEMENTATION  OF  THE  CEA-DSS 


One  of  the  objectives  of  the  implementation  phase  is  to 
use  the  CEA-DSS  with  microcomputers. 

A.  THE  PROGRAMMING  LANGUAGE 

The  complexity  of  dialog  and  data  component  underline 
the  need  for  a  structured  programming  language  which  can 
support  character  manipulations,  screen  management  and,  to 
some  degree,  mathematic  calculations.  Turbo  Pascal 
(Version  2.0)  was  chosen  for  this  particular  implementation. 

B.  SUPPORTING  PACKAGES 

Turbo  Access  Toolbox  (Version  1.00)  is  used  for  the 
database  management  system.  Turbo  Access  provides  for 

sequential,  indexed  sequential  and  direct  file  access, 

allowing  and  the  existence  of  duplicate  keys  in  an  index 
file.  Turbo  Graphix  Toolbox  (Version  1.00A)  is  used  for  the 
graphics  part  of  the  system. 

C.  THE  DATA  FLOW  IN  THE  CEA-DSS 

In  order  to  deal  with  the  high  complexity  of  the  data 
and  transaction  flow,  it  was  necessary  to  divide  the  system 
from  the  beginning  into  four  major  areas.  This  helped  to 

draw  the  initial  diagrams.  Using  these  diagrams  as  the  base, 

after  reviews  and  refinements,  the  final  software  structure 
was  deriveo.  These  four  areas  are  the  following: 

1 .  The  Main  Area 

This  area  contains  data  flows  and  transactions 
occurring  from  the  initialization  of  the  system  until  the 
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Main  menu  appear  on  the  screen  and  the  user  make  his/her 
selection.  Figure  8.1  shows  the  refined  flow  diagram  of  the 

aain  area. 


2 .  The  Database 

Figures  8.2,  8.3  and  8.4  are  the  flow  diagrams  of 
this  area.  It  contains  transactions  and  data  flows  related 
to  the  database  management  system,  like  updating  control  and 
exposure  files,  switching  problems,  and  deleting  problems. 

3.  The  Model 

The  model  area  diagram.  Figure  8.5,  describes  all 
the  operations  of  the  model  execution.  Figure  8.S,  presents 
in  detail  the  data  flow  during  the  generation  of  the  control 
seta.  This  is  the  most  important  and  most  complex  part  of 
the  CEA  model  and  is  included  here  for  maintenance  and 
future  modification  or  improvement  purposes. 

4.  The  Sensitivity  Analysis  Area 

Transactions  and  data  flows  associated  with  the 
decision  support  part  of  the  CEA-DSS  are  illustrated  in 
Figures  8.7,  8.8  and  8.9. 

D.  SOFTWARE  STRUCTURE 

The  refined  software  structure.  Figure  8.10,  is  a 
rearrangement  of  the  flow  diagrams  from  the  perspective  of 
the  flow  of  control  in  the  system.  The  requirement  for  the 
user  to  access  control  over  the  whole  process,  underlines 
the  need  for  a  hierarchical  flow  of  control  among  the 
various  processes  of  the  system.  Top-down  is  considered  as 
the  most  effective  design  for  the  CEA-DSS  since  it  results 
in  a  modular  and  highly  cohesive  software  structure. 
Modularity  and  high  cohesion  facilitate  the  coding  and 
maintenance  phases. 
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E.  IMPLEMENTATION  PROBLEMS 


The  most  serious  implementation  problems  are  problems 
associated  with  the  memory  management  of  a  microcomputer. 
The  capacity  of  the  memory  dedicated  to  the  Central 
Processing  Unit  (CPU)  is  64  Kbytes  for  a  microcomputer. 
Consequently,  the  size  of  the  program  part  called,  along 
with  all  the  type  declarations  and  the  supporting  modules, 
must  not  exceed  the  size  of  the  CPU's  memory.  This  is  a 
troublesome  limitation  when  dealing  with  long  programs. 

This  is  the  case  for  the  CEA-DSS.  The  inclusion  of  the 
Turbo  Access  and  Turbo  Graphix  packages  within  the  actual 
program  further  limited  the  allowable  size  of  its  modules. 
Reduction  of  the  module  size  implies  a  loose  control 
hierarchy.  An  effort  to  reorganize  the  software  structure 
resulted  in  undesirable  control  flow  inefficiencies. 
Fortunately,  Turbo  Pascal  provides  for  overlay  organization 
which  eliminates  the  memory  size  limitation. 

A  technique,  called  overlays,  is  used  to  allow  the 
system  to  be  larger  than  the  amount  of  memory  allocated  to 
it.  The  idea  of  overlays  is  to  keep  in  memory  only  those 
instructions  and  data  that  are  needed  at  any  given  time 
[Ref.  11].  When  other  instructions  are  needed,  they  are 
loader  into  apace  that  was  previously  occupied  by 
instructions  that  are  no  longer  needed.  However,  this 
technique  suffers  from  the  following  limitations: 

•  A  module  must  first  be  loaded  into  the  memory  in  order 
to  be  executed.  This  causes  the  system  to  run  somewhat 
more  slowly,  due  to  the  extra  I/O  operation  to  read 
the  module.  For  this  reason,  it  is  recommended  to  load 
the  CEA-DSS  software  on  a  hard  disk  or  a  ram  disk.  High 
access  speed  devices  would  result  in  considerable 
reduction  of  access  time. 

•  Since  overlays  share  the  same  space  in  memory,  a  module 
cannot  call  modules  which  belong  in  another  overlay 
of  the  same  area.  For  example,  a  module  calls  another 
one  from  a  different  overlay.  This  overlay  is  loaded  in 

flace  of  the  caller  and  the  called  module  is  executed. 

he  problem  is  that  after  its  execution  the  system  is 
meshed  because  it  does  not  find  the  caller  to  return. 


This  introduced  additional  problems  to  the  original 
structure  of  the  program.  The  inclusion  of  control  code, 
like  flags,  labels,  case  and  if  then  else  statements,  helped 
in  establishing  communications  among  the  various  overlays  of 
the  same  area. 


F.  EFFORT  DISTRIBUTION  FOR  THE  CEA-DSS  DEVELOPMENT 


CEA-DSS  was  built  in  five  months  and  required  an  effort 
of  six  man-months.  Table  6  shows  the  distribution  of  the 
effort,  in  percentages,  among  the  different  phases  of  the 
CEA-DSS  development. 
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TABLE  6 

EFFORT  DISTRIBUTION 

Time 

Activities 

20* 

Requirements  Analysis  and  Initial  Design 

23* 

Detailed  Design 

30X 

Programming,  Debugging  and  Testing 

5* 

Initial  Testing  and  User's  feedback 

22* 

Stepwise  refinement  of  the  components 

MENT  EXPENSE 


IX.  A  SESSION  WITH  THE  CEA-DSS 

The  objective  of  this  chapter  is  to  illustrate  the 
operation  of  the  CEA-DSS.  The  figures  in  this  chapter  have 
been  generated  during  the  testing  phase  of  the  CEA-DSS  on  a 
IBM  PC-XT  microcomputer. 

A  series  of  screens  has  been  suggested  as  the  most 
effective  way  to  describe  step-by-step  the  system's  basic 
operation . 

STEP  1 :  Drive  definition  (Figure  9.1).  The  system  has 
the  flexibility  to  use  a  different  drive  for  its  database. 


EFFECTIVENESS  OF 

CONTROL  AND  SECURITY  OF  COMPUTER  SYSTEMS 

PROBLEM: 

ACTION: 

DEFINE  Ttt  DRIVE  YOU  UANT  TO  USE  FOR  FILES 

IT  IS  BETTER  THE  DSS  TO  BE  ON  ft  DIFFERENT  DRIVE 
DO  NOT  USE  Tf£  LETTER  C  IF  THERE  IS  NO  HARD  DISK 


DRIVE  A,  B,  C.  D,  E  or  F: 


!  Tooav  Is:  8/19/1985 


Figure  9.1  Drive  Definition 

Core  must  be  taken  for  not  using  drive  "C“  with  IBM  PC-XTs 
which  do  not  have  a  hard  disk  drive.  In  all  other  cases. 


\  iW.vjv.v.v 
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CEA-DSS  ham  the  ability  to  find  any  wrong  drive  definition 
and  proapta  the  uaer  to  redefine  the  drive. 

STEP  2 :  Directory  (Figure  9.2).  The  directory  contains 
information  about  previously  defined  problems.  It  is  located 
on  the  drive  where  data  for  these  problems  are  stored. 
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OF  COMPUTER  SYSTEMS 

PROBLEM: 

ACTION:  GIVE  PROBLEM  NAME 

CHOOSE  ONE  OF  THE  FOLLOWING  OR  CREATE  YOUR  OWN  PROBLEM 

PROBLEM: 

CREATED  BY: 

DATE:  ! 

CMC 

SCHAEFFER  HOWARD 

8/15/1985 

PROBLEM 1 

PRESSMAN  JOHN 

8/19/1985 

PR0BLEM2 

ELSGN  MARK 

8/19/1985 

TEST 

RICHARD  NOLAN 

7/30/1985 

1 

i 

! 

Nusoer  of  Problem  in  tne  Directory:  b 

ENTER  THE  NOME  OF  THE  PROBLEM:  DSSTEST 

I  Today  Is:  8/19/1985 
l 

Figure  9.2  Directory 

When  a  new  drive,  i.e.  a  new  floppy  disk,  is  selected, 
the  system  creates  a  directory  first,  and  then  prompts  the 
user  to  define  the  problem.  For  a  pre-defined  drive,  a 
listing  of  the  directory  appears  on  the  frame.  The  user  may 
select  a  problem  from  the  directory,  or  define  a  new  one.  In 
case  of  an  existing  problem  selection,  the  process  continues 
with  Step  4. 

STEP  3 :  Data  entry  (Figure  9.3).  The  system  creates 
the  control  and  exposure  files  for  the  particular  problem. 
Then,  the  uaer  has  to  provide  the  initial  data.  At  least 
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PROBLEM:  DSSTEST 

ACTION:  UPDATE  EXPOSURES  j 

Index :03  Descrietion:Exposure  3 


WEIGHTED:  Daiiage:  *50000  Probability:)). 95 

P.E.R.T:  Ssallest:*30000  Most  Likely: $55000  Largest: *65000 


RANKS:  Rank  P:4.000  Rank  0:4.300 


Ranx 

P  Daxaue  caused  by  error 

Rank  Q  Daaaoe  caused  by  failure  ! 

0 

virtually  lspossible 

0 

negligible 

1 

sight  naooen  once  in  400  years 

1 

aDout 

*10 

2 

■ignt  naooeri  once  in  40  years 

2 

aDout 

*100 

3 

eight  napDen  once  in  4  years 

3 

about 

*1,000 

4 

siant  naooen  once  m  100  days 

4 

about 

*10,000 

C. 

aiont  naooen  once  m  10  oavs 

C 

yj 

about 

*100.000 

6 

mant  naooen  once  in  l  oav 

6 

about 

*1.000.000  1 

7 

sight  napoen  ten  tises  a  oav 

7 

over 

*1,000.000 

A)dd, 

D)elete,  E)dit,  Nlext,  P)revious  or  Q)uit 

;  1 
i 

Today  Is:  8/19/1985 

i 

'  EFFECTIVENESS 

l 

OF  CONTRO.  AND  SECURITY  OF  COMPUTES  SYSTEMS  ! 

|  PROBLEr.:  DSSTES" 

I  ACTIO*:  UPDATE  CONTROLS 

_ 1 _ 1 

1  Index :02  DescridtionjCortrci  2 
Cost:  *£150:- 

i 

1  Effectiveness  or  Exoosure  1:  0.0 
1  Effectiveness  or  Exoosure  2:  0.0 
'  Effect iver«ss  or  Exoosure  3:  0.7 
I  Effectiveness  or  Exoosure  <*:  0.0 


F igure  9 . 3 


Data  Entry 
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two  txposuras  and  two  control  activities  are  required  to 
enable  the  CEA-DSS  to  generate  control  combinations.  The 
process  during  this  step  is  under  the  direct  control  of  the 
CEA-DSS. 

STEP  4 :  The  Main  Menu  is  shown  in  Figure  9.4.  The 
logical  selection  for  a  new  problem  is  the  Model  option. 
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PROBLEM:  DSSTEST 

1 _ 

ACTION:  MAIN  MENU  1 

MAIN  MENU  OPTIONS: 

1.  HELP 

2.  UPDATE  FILES  OR  CHANGE  PROBLEM 

3.  RUN  THE  COST  EFFECTIVENESS  MODEL 

4.  SENSITIVITY  ANALYSIS  OF  ALTERNATIVES 

5.  EXIT  TO  DOS 


SELECT  1,2,3,  or  5 


Figure  9.4  Main  Menu 

STEP  5:  Model  execution.  The  Model  Menu,  allows  the 
selective  invocation  of  one  of  the  three  statistical  methods 
for  a  model  run.  The  user  may  select  one  method  or  all  of 
them.  Then,  the  system  prompts  the  user  to  define  the 
desired  level  of  cost  according  to  which  the  generation  of 
control  sets  will  be  performed.  The  use  of  realistic  cost 
levels  is  recommended,  since  it  may  result  in  a  considerable 
reduction  of  the  amount  of  control  sets  to  be  generated 


XPENSE 
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PROBLEM:  DSSTEST 

ACTION: 

MODEL 

MODEL  l€NU  OPTIONS: 

1. 

HELP 

2. 

RUN  THE 

WEIGHTED 

METHOD 

3. 

RUN  THE 

P.E.  R.T 

METHOD 

4. 

RUN  THE 

RANKING 

METHOD 

5. 

RUN  ALL 

THE  METHODS 

6. 

RETURN  TO  MAIN 

MENU 

SELECT  1,2, 3, 4, 5  or  6  : 

j  Tooay 

Is:  6/19/1985 
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DROBLEn:  DSSTEST  I  ACTION:  MODEl  /  WEIGHTED  METHOD 


Total  Daiacs  Due  To  Exoosures  :  L47BCw.< 

Cost  to  Inclement  All  Controls  :  69500 


Give  Tne  Max  mu*  Amount  You  want  To  Scene  On  Controls 
or  cress  Enter  for  Al. 

MAXIMUM  :  *  69500 


1  Tooav  is:  a'19/1985 


STEP  6:  Sensitivity  Analysis  Menu  (Figure  9.6).  The 
prerequisite  for  accessing  the  "Control  Strategy"  and  the 
"Graphics"  options,  is  the  execution  of  the  model.  The  same 
is  true  and  for  the  "Print  Reports"  option  when  a  printout 
of  a  set  file  is  requested. 
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PROBLEM:  DSSTEST  j 

POTION:  SENSITIVITY  ANALYSIS 

SENSITIVITY  ANALYSIS  MENU  OPTIONS: 

1.  HELP 

2.  FIND  CONTROL  STRATEGY 

3.  GENERATE  GRAPHICS 

4.  PRINT  REPORTS  j 

5.  RETURN  TO  MAIN  CENU  1 

1 

1 

_ 1 

SELECT  1.2, 3, 4  or  3  : _ j  Totiav  Is;  8/19/19&S 


Figure  9.6  Sensitivity  Analysis  Menu 

STEP  7:  Print  Reports.  The  system  has  the  capability  to 
produce  three  types  of  reports.  It  Is  expected  that  the  user 
will  use  these  reports,  during  the  sensitivity  analysis 
process,  as  reference.  The  first  table  (Figure  9.7)  summari¬ 
zes  the  initial  data  of  expected  losses  caused  by  exposures, 
for  three  statistical  methods.  The  second  report 
(Figure  9.8)  summarizes  the  control  activities'  effective¬ 
ness  on  exposures.  Finally,  control  sets  report  is  a  listing 
of  the  file  created  and  updated  by  a  model  run.  Figure  9.9 
shows  the  control  sets  generated  according  to  the  weighted 
method . 


COST  EFFECTIVENESS  ANALYSIS 
FOR 

CONTROL  l  SECURITY  OF  COMPUTER  SYSTEMS. 


EXPECTED  LOSSES  CAUSED  BY  EXPOSURES  FOR  WORK  DSSTEST 


THE  WEIGHTED  HETHQD 


POTENTIAL  ERRORS 

AMOUNT  OF  PROB/TY  OF 

DAMAGE  OCCURENCE 

01  Exoosure  1 

02  Exposure  2 

03  Exposure  3 

04  Exposure  4 

40000  0.850 

60000  0. 780 

50000  0.950 

30000  0.650 

THE  P.E.R.T  METHOD 

POTENTIAL  ERRORS 

AMCXJNT  OF  DAMAGE 
seal  lest  n. likely  largest 

01  Exoosure  1 

02  Exoosure  2 

03  Exoosure  3 

0*  Exoosure  4 

30000  35000  40000 
25000  45000  632^.' 
30000  55000  65000 
15000  20000  4000'. 

THE  RANKING  METHOD 

POTENTIAL  ERRORS 

ESTIMATION  OF  PROBABILITY 

Or  OCCURENCE  AND  DAMAGE 

Rarw 

Ran*  G 

01 

Exoosure  1 

3. 800 

4. 200 

02 

Exoosure  2 

3.850 

4. 50 : 

03 

Exoosure  3 

4.000 

4. 300 

0* 

ExTrsure  4 

3. 200 

4.30 

F igure  9 . 7 


An  Expected  Losses  Report 
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ECISION  SUPPORT  SYSTEM 


COST  EFFECTIVES  ANALYSIS 
FOR 

CONTROL  l  SECURITY  OF  COMPUTER  SYSTEMS. 


CONTROL  ACTIVITIES  FOR  WORK  OSSTEST 
01  Control  1 
02  Control  2 
03  Control  3 
04  Control  4 


EXPOSURES  FOR  WORK  DSSTEST 
01  Exposure  1 
02  Exposure  2 
03  Exposure  3 
04  Exposure  4 


EXPOSURE  I  01 


EFFECTIVENESS  OF  CONTROL  all)  ON  EXPOSURE  edi 

■  03  ;  04  : 


Figure  9.8  A  Control  Effectiveness  Report 


DECISION  SUPPORT  SYSTEM 
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WEIGHTED  METHOD:  CONTROL  SETS  FOR  WORK  DSSTEST 


CONTROL  ACTIVITIES  USED  BY  THE  CONTROL  SETS: 

01:  Control  1 

02:  Control  2 

03:  Control  3 

04:  Control  4 


CONTROL  ACTIVITIES 

VALUE 

COS" 

EXP, CCS' 

BCS 

03, 

16575 

10000 

141225 

1  Si 

1 

1 

01, 

27200 

13000 

13360., 

2. 09 

02, 

33250 

21500 

136050 

1.5* 

01,03, 

43775 

23000 

127025 

1.90 

04, 

38844 

25000 

133956 

1.55 

02,03, 

49825 

31500 

129475 

1.56 

01,02, 

60450 

34500 

!2l85v 

1.75 

03,04, 

55413 

35000 

127381 

1.58 

01,04, 

66044 

38000 

119756 

1.73 

01,02,03, 

77025 

44500 

115275 

«  7’ 

02.04, 

72034 

46500 

122206 

1. 55 

01,03,04, 

82619 

48000 

113181 

1.72 

02,03,04, 

88663 

56500 

115631 

1.56 

01,02, 04, 

93234 

59500 

108006 

1.66 

01,02,03,04, 

115869 

69500 

101431 

1.66 

Figure  9.9  A  Control  Sets  Report 
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The  print  menu  1a  deacrlbad  in  Figure  9.10.  Before 
selecting  an  option,  the  user  must  make  sure  that  the 
printer  is  on-line. 
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PROBLEM:  DSSTEST 


ACTION:  SENSITIVITY  ANALYSIS  /  PRINT  REPORTS 


PRINT  REPORTS  MENU  OPTIONS: 

1.  f€LP 

2.  PRINT  EXPOSURE  EXPECTED  LOSS  TABLE 

3.  PRINT  CONTROL  EFFECTIVES  TABLE 

4.  PRINT  SET  FILES 

5.  RETURN  TO  SENSITIVITY  AfWLYSIS  MENU 


SELECT  1,2,3, 4  or  5  : 


Today  Is:  B/19/19B5 


Figure  9.10  The  Print  Menu 


STEP  8:  Graphics.  Curves  and  histograms  help  the  user 
conceptualize  the  differences  among  alternative  control  sets 
and  among  different  statistical  methods.  The  incompatibility 
problem  of  the  various  types  of  printers  does  not  allow  the 
system  to  make  hard  copies  of  the  graphs.  The  user  can  use 
instead  the  CPrtScI  key  of  the  keyboard.  Each  graphics 
screen  contains  two  graphs.  The  upper  graph  depicts  the 
Benefit  Cost  Ratio  versus  Cost  relationship,  and  the  lower 
graph  the  Total  Expected  Cost  versus  Cost.  Figure  9.11  shows 
the  curves  for  the  DSSTEST  problem  and  Figure  9.12  the 
histograms.  For  readability  purposes,  on  each  curve  can  be 
drawn  up  to  200  points  and  on  each  histogram  up  to  24  bars. 
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STEP  9:  The  last  phaaa  of  tha  CEA-DSS  procesa  ia  the 
control  strategy  selection.  The  decision  maker  may  select 
the  most  effective  (Figure  9.13>  or  the  most  cost  effective 
control  strategy  (Figure  9.14)  within  the  cost  range  he/she 
desires.  The  decision  maker,  helped  by  the  reports  and 
graphs,  is  expected  to  have  a  better  opinion  about  the 
amount  to  be  spent  for  control  measures. 


PROBLEM:  DSSTEST 


ACTION:  SENSITIVITY  ANALYSIS  /  CONTRO.  ST RATES* 


WEIGHTED  METHOD:  THE  MOST  FFECTIVE  SET 

CONTROL  :  Control  1 
CONTROL  :  Control  i. 

CONTROL  :  Control  3 


Value  of  Control  Set  : 
Total  Exoected  Benefit  : 


Cost  of  Control  Set 
Total  Exoected  Cost 


Cost  Benefit  Ratio(BCR):  1.73 

Prior  Exoected  Damage  Dus  to  Exoosures:  147000 
Post  Exoected  Damage  Due  to  Exoosures:  70775 


'  'oca.  is:  8/iO ' 196c 


Figure  9.13  The  most  Effective  Control  Strategy 


The  optimal  solution  in  the  problem  is  found  when  the 
selected  control  set  is  both  the  most  effective  ana  the 
most  cost-effective  over  a  predefined  cost  range.  This  is 
the  case  for  this  particular  example.  Figures  9.13  and  9.14 
show  the  same  control  set.  Under  the  "Most  Effective" 
option,  the  control  set  with  the  lowest  expected  cost  is 
selected.  Under  the  "Most  Cost-Effective"  option,  the  set 


with  the  highest  BCR  is  the  most  preferable.  However, 


the  ayatto  doaa  not  provide  any  algorithm  for  combining 
thaaa  two  options  in  ordar  to  indicata  tha  optimal  control 
stratagy . 
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PR0BLEH:  DSSTEST 

ACTION:  SENSITIVITY  ANALYSIS  /  CONTROL  STRATEGY 

WEIGHTED  METHOD:  T>€  HOST  COST  EFFECTIVE  SET 

CONTROL  :  Control  1 
CONTROL  :  Control  2 
CONTROL  :  Control  3 

Value  of  Control  Set  ;  77025  Cost  of  Control  Set  :  44500 

Total  Expected  benefit  :  32525  Total  Expected  Cost  :  115275 

Cost  Benefit  Ratio(BCR):  1.73 

Prior  Expected  Damage  Due  to  Exposures:  147800 
Post  Expected  Daaage  Due  to  Exposures:  70775 


press  any  Key.  ■ _ j  Today  Is:  8/20/1985 


Figure  9.14  The  most  Cost-Effective  Control  Strategy 

This  is  the  basic  process  for  a  problem  creation  and 
analysis.  Also,  the  user  has  the  opportunity  to  access  the 
database  of  the  system  through  the  Database  Menu.  He/she  may 
modify  the  initial  data,  change  problem  and/or  delete  the 
problem.  If  modifications  take  place  on  the  data,  the  model 
must  be  executed  again.  The  deletion  of  the  problem  erases 
any  file  belonging  to  this  as  well  as  its  record  in  the 
directory.  After  that,  the  mam  menu  appears  on  the  screen 
allowing  the  user  to  select  one  of  the  "Help",  "Database" 
and  "Exit  to  DOS"  options.  The  other  options  of  the  main 


menu  are  prohibited  when  there  is  no  problem  definition.  The 
database  choice  after  a  problem  deletion  or  changing  the 


! 


current  problem  cauae  the  previously  described  process  to  be 
repeated  from  the  beginning.  The  database  menu  appears  on 
Figure  9.15. 
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PROBLEM:  DSSTEST 

1 

_ 1 _ 

ACTION 

:  DATABASE 

DATABASE  «NU  OPTIONS: 

1. 

HELP 

2. 

CHANGE 

PROBLEM  I 

i 

3. 

DELETE 

CURRENT  PROBLEM  1 

j 

4. 

UPDATE 

EXPOSURE  FILE  ! 

| 

5. 

UPDATE 

CONTROL  FILE  1 

1 

6. 

RETURN 

TO  MAIN  MENU  i 

i 

X. 


CONCLUSION 


The  purpose  of  the  research  was  to  implement  a  DSS  for 
selecting  EDP  control  strategies.  Three  analytical  methods 
for  determining  cost-effectiveness  of  EDP  controls  were 
integrated  in  a  customized  database  management  system.  Also 
a  careful  user  interface  was  designed  to  support  user 
interactiveness  with  the  system. 

From  the  user's  perspective,  the  current  version  of  the 
CEA-DSS  is  able  to  handle  any  uneven  condition  associated 
with  data  entry  and  process  request  errors.  The  enhancement 
of  an  acceptable  combination  of  colors  and  sounds  contribu¬ 
tes  to  the  user  friendliness  of  the  system.  Since  the  users 
have  different  preferences,  one  possible  improvement  should 
be  to  let  the  user  define  the  colors  and  sounds  he/she 
likes.  The  help  facility  also  can  be  easily  modified  to 
satisfy  the  user  needs  for  on-line  information,  as  discussed 
in  Appendix  B. 

From  the  system  design  perspective,  CEA-DSS  permits  the 
user  to  exercise  virtual  control  over  its  processes.  The 
database  system  is  exclusively  designed  and  implemented  to 
serve  the  introduced  EXPOSURE,  CONTROL  and  SET  records.  It 
is  expected  that  any  future  enhancements  in  the  database 
schema  will  require  extensive  modifications  and  maintenance 
to  be  done  on  the  database  and  the  DBMS.  The  model  base  of 
the  CEA-DSS  consists  of  the  three  variances  of  the  CEA 
model.  Integration  of  new  techniques,  using  the  existing 
data  structure,  will  require  slight  modifications  of  the 
current  system.  The  same  is  true  for  the  sensitivity 
analysis  part  where  any  additional  reports,  graphs  and 
control  strategy  selection  algorithms  will  not  influence  the 
system . 
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One  great  inefficiency  recorded  during  the  testing 
phase  is  associated  with  the  control  strategy  selection 
algorithm.  The  sample  problem  DSSTEST,  presented  in 
Chapter  9,  can  be  considered  as  an  extreme  condition.  The 
solution  was  recognized  as  the  optimal  one  because  it  had 
both,  the  greatest  Benefit  Cost  Ratio  and  the  lowest  Total 
Expected  Cost.  This  is  generally  not  the  case.  In  reality, 
the  optimal  solution  is  found  somewhere  in  the  three 
dimensional  spectrum  composed  of  the  Benefit  Coat  Ratio,  the 
Total  Expected  Cost  and  a  Scaling  Relational  Algorithm  for 
them.  It  is  expected  that  the  enhancement  of  such  an 
algorithm  will  dramatically  improve  the  control  strategy 
selection  process. 

Another  unresolved  issue  concerns  the  assignment  of 
the  BCR  to  the  control  sets.  Control  Sets  consisting  of 
fewer  Control  activities  turn  out  to  have  higher  BCRs.  This 
is  due  to  the  nature  of  the  algorithm  that  the  model  uses  to 
compute  the  value  of  the  control  sets.  A  way  to  handle  this 
would  be  to  introduce  in  the  computation  of  the  control 
set's  BCR  one  more  parameter  which  will  be  able  resolve 
these  differences. 

It  is  recommended  that  the  CEA-DSS  built  during  this 
research  be  evaluated  on  real  life  applications.  In  effect, 
all  data  used  during  the  testing  phase  of  the  CEA-DSS  were 
chosen  on  a  random  basis.  Information  gathered  from  a  real 
life  computer  audit  process  would  probably  contribute  to 
the  evaluation  of  current  control  techniques.  Furthermore, 
the  CEA-DSS  will  not  only  support  the  selection  phase  but 
also  the  evaluation  and  exploration  phases  of  the  computer 
audit  process  life  cycle. 


APPENDIX  A 


MESSAGES 


INFORMAL  MESSAGES: 

CREATING  EXPOSURE  AND  CONTROL  FILES 

Initiation:  A  new  problem  has  been  introduced  by  the  user. 

DELETING  CONTROL 
DELETING  EXPOSURE 

Initiation:  Request  for  deletion  of  a  control  or  exposure 
record . 

NEW  DIRECTORY 

Initiation:  New  drive  definition. 

CONTROL  "description"  IS  NOT  EFFECTIVE 

Initiation:  The  cost  of  a  control  activity  is  greater  than 
its  expected  value. 

PLEASE  WAIT 

Initiation:  Control  sets  generation. 

PLEASE  WAIT  FOR  THE  PREPARATION  OF  THE  GRAPH 

Initiation:  Request  for  graphic  representation,  curve  or 

histogram . 
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ERROR  MESSAGES 


SYSTEM  REQUIRES  2  CONTROLS  AT  LEAST 

SYSTEM  REQUIRES  2  EXPOSURES  AT  LEAST 

Initiation:  Request  for  deletion  of  control  or  exposure 
record  while  the  file  contain  only  two  records. 

THE  SYSTEM  CANNOT  HOLD  ANOTHER  EXPOSURE 

Initiation:  The  user  attempts  to  add  the  14th  control 
activity  or  the  25th  exposure. 

YOU  MUST  RUN  THE  MODEL  FIRST 

Initiation:  Request  to  access  sensitivity  analysis  areas 
prior  to  the  model  execution. 

THERE  IS  NOT  ENOUGH  SPACE  ON  DRIVE  X 

Initiation:  Nonexistent  drive  definition  or  the  defined 
drive  does  not  have  the  appropriate  space  for  a 
dictionary  and  problem  creation. 

CHECK  YOUR  ENTRY.  "HIGH"  MUST  BE  GREATER  THAN  "LOW" 

Initiation:  Entry  of  an  ambiguous  cost  range  for  the 
sensitivity  analysis  part. 


TRIGGER  MESSAGES: 

DEFINE  THE  DRIVE  YOU  WANT  TO  USE  FOR  FILES 

Initiation:  CEA-DSS  activation  or  request  to  change  the 
current  problem. 

DO  YOU  WISH  TO  DELETE  THE  PROBLEM  ? 

Initiation:  Request  to  delete  the  current  problem.  The 
system  prompts  the  user  to  confirm. 
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THERE  IS  ALREADY  FILE  FOR  THAT  METHOD 

Initiation:  Request  to  rerun  the  model.  The  user  can  delete 
the  set  file  only,  or  to  proceed  to  model 
execution . 

CANNOT  COMPUTE  SETS  WITHOUT  EFFECTIVE  CONTROLS 

CANNOT  COMPUTE  SETS  WITH  ONLY  ONE  EFFECTIVE  CONTROL 

Initiation:  Control  sets  generation.  The  user  may  correct 
some  initial  data  or  to  abandon  the  current 
problem . 

THERE  IS  NO  ANY  SET  WITHIN  THAT  RANGE 

Initiation:  The  cost  range  defined  for  sensitivity  analysis 
is  very  limited.  The  user  may  widen  the  range. 

CANNOT  MAKE  GRAPH  WITH  LESS  THAN  2  SETS 

Initiation:  Request  for  graphics,  while  the  defined  cost 
range  includes  only  one  control  set.  The  user 
may  redefine  a  wider  cost  range. 


APPENDIX  B 
THE  HELP  FACILITY 


The  help  facility  of  the  CEA-D5S  is  carried  out  via  the 
HELP  module,  listed  at  the  end  of  the  program  listing  in 
Appendix  C.  The  Help  module  supplies  the  calling  menu  with 
information  relative  to  its  functions.  The  algorithm  for 
this  selective  retrieval  of  information  is  based  on  a  code 
character.  This  character  is  sent  to  the  Help  module  as 
parameter  in  the  call  statement,  identifying  the  calling 
part  of  the  program.  The  Help  module  uses  this  character  to 
assemble  the  file  name  of  the  text  file  where  the  requested 
information  resides. 

The  advantage  of  keeping  the  help  text  external  to  the 
program  is  that  it  can  be  changed  easily,  with  any  editor, 
without  affecting  the  code  of  the  CEA-DSS.  The  help  module 
also  has  the  advantage  of  returning  control  to  the  caller 
immediately  in  case  that  the  requested  help,  text  file,  is 
missing.  The  files  of  the  system  dedicated  to  the  help 
facility  along  with  their  content  are  listed  below. 

File:  HELPM.TXT 

HELP  FOR  MAIN  MENU 

UPDATE  FILES  OR  CHANGE  WORK 

This  is  the  Database  of  the  system.  You  have  access  to  three 
files.  The  EXPOSURE,  the  CONTROL  and  the  PROBLEM  file.  You 
can  Add,  Delete  or  Edit  EXPOSURES  and  CONTROLS.  You  can  also 
Change  or  Delete  WORK. 

RUN  THE  COST  EFFECTIVENESS  MODEL 

Once  you  have  updated  the  EXPOSURE  and  CONTROL  files  you 
can  run  the  model.  The  model  will  create  the  set  files 


which  will  be  used  after  for  decision  making.  If  you  chose 
the  current  work  from  the  directory  of  the  system  and  you 
are  not  going  to  modify  the  EXPOSURE  and  CONTROL  files  you 
DON'T  need  to  run  the  model. 

SENSITIVITY  ANALYSIS 

This  is  the  main  area  of  interest.  It  will  help  you  to  find 
out  the  optimal  solution  according  to  your  preferences  and 
budget.  There  are  available  to  you  graphics  and  print 
f  aci 1 i ties . 

File:  HELPD.TXT 

HELP  FOR  DATABASE  MENU 

At  the  bottom  of  the  frame  it  appears  always  the  command 
line  which  prompts  you  to  make  selections  by  typing  numbers 
or  letters. 

CHANGE  PROBLEM 

The  directory  of  the  system  is  listed  and  then  you  are 
prompted  to  define  the  problem  you  desire.  If  you  choose  an 
existing  one,  you  will  be  switched  to  that  immediately.  If 
you  create  a  new  one,  you  will  be  asked  to  enter,  at  least, 
two  EXPOSURES  and  two  CONTROL  ACTIVITIES. 

DELETE  CURRENT  PROBLEM 

You  can  only  delete  the  current  problem.  If  you  wish  to 
delete  a  different  problem,  you  must  change  the  problem 
first,  and  then  choose  from  the  directory  the  problem  you 
want  to  delete,  and  delete  it.  You  will  be  asked  to  confirm 
for  the  requested  deletion  by  typing  the  character  " ! ” . 
UPDATING  EXPOSURE  OR  CONTROL  FILE 

You  can  A)dd,  D)elete,  E)dit  Exposures  and  Controls,  and 
scroll  the  files  forwards  and  backwards  using  N)ext  or 
P ) revious . 

Keep  in  mind  that  the  edit  mode  is  always  in  the  INSERT 
MODE . 
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File:  HELPO.TXT 


HELP  MODEL 

You  can  run  the  model  using  the  WEIGHTED  PROBABILITY,  the 
P.E.R.T  method  and  the  RANKING  method.  You  will  be  prompted 
to  enter  the  upper  cost  limit.  If  you  have  enough  controls 
in  the  control  file  it  is  better  to  use  as  short  cost 
ranges  as  possible  in  order  to  minimize  the  time  that  the 
system  will  require  to  generate  the  control  sets.  Don't 
forget  that  N  controls  may  produce  2  to  the  Nth  power 
control  sets. 

If  you  get  a  message  like  'NOT  ENOUGH  SPACE  ON  DRIVE  X',  you 
can  overcome  that  using  one  of  the  following: 

1.  If  you  have  already  run  another  method  for  that 
problem,  choose  that  method  again,  and  erase  its  set  file. 

2.  Change  problem,  choose  one  from  the  directory  that  you 
do  not  need,  delete  it,  and  then  choose  again  the  problem 
you  want  to  work  on. 

File:  HELPS . TXT 

HELP  FOR  SENSITIVITY  ANALYSIS 

CONTROL  STRATEGY 

Control  strategy  helps  you  determine  the  optimal  control 
alternative  from  all  the  possible  combinations  of  control 
activities,  or  the  best  one,  according  to  the  cost  range 
you  are  asked  to  specify. 

GRAPHICS 

You  can  generate  curves  and  histograms  representing  the 
relations  between  BENEFIT  COST  RATIO  and  COST,  or  between 
TOTAL  EXPECTED  COST  and  COST. 

REPORTS 

You  can  have  a  hardcopy  of  the  exposures  or 
tabular  format,  and  a  listing  of  tne  set  files. 


controls  in 


File:  HELPB.TXT 

HELP  FOR  CONTROL  STRATEGY 

MOST  EFFECTIVE  ALTERNATIVE 

The  moat  effective  alternative  is  the  one  that  it  is 
expected  to  minimize  the  total  expected  cost. 

MOST  COST  EFFECTIVE  ALTERNATIVE 

The  most  cost  effective  alternative  is  the  one  that  will 
return  the  highest  benefit  per  dollar  spent. 

File:  HELPG.TXT 

HELP  FOR  GRAPHICS 

You  can  print  the  curves  or  histograms  by  using  the  [PrtSc] 
key.  Be  sure  that  your  printer  is  ON.  The  system  will 
switch  it  to  the  graphics  mode. 

Curves  and  Histograms  represent  relations  of  Cost  versus 
Benefit  Cost  Ratio  and  Cost  versus  Total  Expected  Cost. 

Each  curve  can  hold  up  to  200  control  sets  to  be  drawn, 
and  each  histogram  ut  to  24. 

You  will  be  asked  to  give  the  Cost  Range  over  which  the 
graph  will  be  done.  If  the  number  of  control  sets  within 
the  selected  range  exceeds  the  above  limits,  the  system  will 
adjust  the  range. 

File:  HELPP.TXT 

HELP  FOR  PRINT  REPORTS 
YOUR  PRINTER  MUST  BE  ON-LINE  BEFORE  YOU  TRY  TO  PRINT  ANY 
REPORT 

You  must  have  set  the  top  of  form  properly  and  use  page 
length  11  inches  in  order  the  reports  to  be  printed 


(••••»••••«•»••*«»»«»»«»•«»•»••*»»•••»««••«»•»»»»•»»•••»•»•) 
< »  » ) 

<*  DECISION  SUPPORT  SYSTEM  *) 
<  »  » ) 
<*  A  COST-EFFECTIVENESS  ANALYSIS  *> 
<*  FOR  *> 
<*  CONTROL  AND  SECURITY  OF  COMPUTER  SYSTEMS  ») 
<  *  * ) 
<*  FILE  DSS.PAS  *) 
<  »  » ) 


PROGRAM  CEA-DSS; 

(SA+,I-,R-,V-) 

const. 

<*  TURBO  ACCESS  CONSTANTS  *> 
naxrecaize  =  220; 

maxdatarecsize  =  maxrecsize; 
maxkeylen  *  11; 

pageaize  =  128; 

order  =  64; 

pageatacksize  =  16; 

maxheight  =  5; 


noofrecs  :  integer; 

<*  INCLUDE  FILES  *) 
(SI ACCESS. BOX) 

( SIGETKEY . BOX ) 
(SIADDKEY . BOX) 
(SIDELKEY . BOX } 

( SITYPEDEF . SYS } 

C  SI GRAPH IX . SYS ) 

( SI KERNEL . SYS ) 

( SI WINDOWS . SYS } 

( SIHATCH . HGH } 
(SITYPEDEF . DSS } 

( SIUTILITY . BOX } 
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FIRST  OVERLAY 


(SIAXIS.HGH) 

(9IP0LYG0N.HGH) 

(SIHISTOGRM.HGH) 

(SIMENUS.DSS) 

(SIFORWATS.DSS) 

(SIHELP . DSS) 


(SIDATABASE.DSS)  - , 

(SIMODEL. DSS)  L  SECOND  OVERLAY 

(SISENSANAL.DSS)  - 1 


<*  MAIN  PROGRAM  O 

BEGIN 

textmode ; 
textcolor  <x) ; 
textbackgr ound ( z ) ; 
help  C ' 1' > ; 
ana  :=  ' 
makeframe; 
putdate; 
flag  :=  true; 
database; 

while  ana  <>  '5'  do 
begin 

mainmenu; 
if  flag  then 

aelectC 'SELECT  1,2  or  5  :  ' , C ' 1 ' , ' 2' , ' 5' ] , ana ) 
elae 

aelect < ' SELECT  1,2, 3, 4  or  5  :  ' ,  C ' 1 ' . . ' 5 ' 3 , ana) ; 
case  ana  of 
'1'  :  help ( ' M '  )  ; 

'2'  :  databaae; 

'3'  :  model; 

'  4 '  :  aenaiti vi tyanalyaia 

end  (of  caae) 
end;  (of  while} 

clracr ; 

gotoxy < 15, 12) ; 

write ('*•***  END  OF  THE  DECISION  SUPPORT  SYSTEM  ****»') 
wait ; 

textcolor  < 15) ; 
textbackground(O) ; 
clracr 


<  * 

# 

<* 

TYPE 

DECLARATIONS 

* 

<  * 

* 

<* 

FILE 

TYPEDEF . DSS 

* 

( • 

* 

const 

maxctrl 

maxexp 

z 

X 

type 


chset  = 

set  of  char; 

str2 

S 

string  C23 ; 

str5 

= 

string  C53 ; 

str8 

= 

string  C8) ; 

strlO 

= 

string  CIO] ; 

str25 

= 

string  C25] ; 

str40 

= 

string  C403  ; 

str50 

string  C50] ; 

str80 

= 

string  C80] ; 

anystr 

- 

string  C255] ; 

ctrlrange 

a  0 . . maxctrl 

exprange 

a  0 . .  maxexp 

exposure 

=  record 

index 

:  str2 ; 

description  :  str50; 
damage  :  str8; 

probability  :  str5; 
smallest , 
mostlikely , 
largest  :  str8; 

rankP , 

rankQ  :  str5 

end ; 

eff  *  array  Cl . .maxexp]  of  string C53; 

ctrleff  =  array  Cl . .maxctrl]  of  eff; 

control  =  record 

index  :  str2; 

description  :  str50; 
cost  :  strd; 

effect  :  eff 


=  13;  C  maximum  number  of  control  activities  ) 

=  24;  C  maximum  number  of  exposures  ) 

=  0;  Cstandard  text  background) 

=  14;  Cstandard  text  color) 


controlmatrix  *  array  Cl . .maxctrl]  of  control 
combinationindex  =  array  Cl .. maxctrl]  of  str2 


setrec 

aetcomb 

Vk,Lk,Ck, 

Nk,TCk 

BCR 

end; 


=  record 

:  combinationindex; 

:  atrlO; 

:  str5 


problemrec 

problemname 

creator 

date 

wconb, pcomb, 
rcomb 
wtotcoat , 
ptotcoat , 
rtotcoat 
end ; 


=  record 
:  atr8; 

:  atr25; 

:  atrlO; 

:  combinationindex; 


atrlO 


filel,  file2 
indexl , index2 
fl 

expsr 

Ctrl 

at 

problem 
cproblem 
wcombindex , 
pcombindex , 
rcombindex , 
comb 


ctr lmatrix 
totaloaa , 
totalcoat , 
wtotalcost , 
ptotalcost , 
rtotalcost 
expno 
ana,  tc 
dr 

flag 


:  datafile; 

:  indexflle; 

;  file; 

:  expoaure; 

:  control ; 

:  aetrec; 

:  problemrec; 
:  atr8; 


:  combinationindex; 

:  ctr lef  f ; 

:  array  Cl . .maxctrl]  of  str8; 
:  controlmatrix; 


:  real; 

:  integer; 
:  char; 

:  atr2; 

:  boolean: 


UTILITY. BOX 

The  utility  box  contains  all  the  procedures  and 
functions  which  are  commonly  used  by  all  the 
modules  of  the  system. 


<*  upcasestr  converts  a  string  to  upper  case  *> 

function  upcasestrCs  :  str80)  :  strSO; 

var 

p  :  integer; 
begin 

for  p  : =  1  to  length<s)  do 
s[p3  :  =  upcase ( s Cp] ) ; 

upcasestr  :  =  a; 
end ; 


(*  conststr  returns  a  string  with  N  characters  of  value  C* ) 

function  conststr<c  :  char;  n  :  integer)  :  str80; 

var 

s  ;  string [803 ; 
begin 

if  n  <  0  then 
n  :  =  0; 

s [03  : =  chr(n) ; 

f i 1 1 char  <sC13  ,n,c) ; 

conststr  :  =  s; 
end ; 


<«  getvalue  returns  the  ASCII  value  of  a  string  *> 

function  getvalue(s  :  anystr)  :  integer; 

var 

i,  total  :  integer; 


begin 

total  : =  0 ; 

if  length(s)  >  0  then 

for  i  : =  1  to  length(s)  do 

total  :=  total  ♦  ord C copy < s , i , 1 )  )  ; 
getvalue  :=  total 


(«  strtoreal  returns  a  real  number  equivalent  to  a  string  •) 

function  strtoreal (s  :  strlO)  :  real; 

var 

t  :  integer; 
r  :  real; 

begin 

val <s,r , t) ; 
strtoreal  : =  r 
end ; 


<»  realtostr  returns  a  string  equivalent  to  a  real  number  *) 

function  realtostrtr  :  real)  :  strlO; 

var 

s  :  string  CIO] ; 
begin 

f i 11 char  <s, sizeof <  s) , 0) ; 
str <r,s) ; 
realtostr  :=  a 
end ; 


<«  strtoint  returns  an  integer  equivalent  to  a  string  *) 

function  atrtointCa  :  str2>  :  integer; 

var 

i  ,  J  :  integer; 
begin 

val <s, i , j ) ; 

strtoint  :=  i 
end ; 


(»  intostr  returns  a  string  equivalent  to  an  integer  *> 

function  inttostrCn  :  integer)  :  str2; 

var 

s  :  string  12] ; 
begin 

f i 1 1 char  <  s , 2 , 0 ) ; 
str ( n , s ) ; 
inttostr  : =  s 
end ; 
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'  '  j'r  s  "i.  J.i.  s  ^  V - - C—'. 


(»  adjuststr  removes  any  leadind  spaces  from  a  string  ») 

procedure  ad]uatatr(var  s  :  anystr); 

begin 

while  s  Cl]  =  '  '  do 
if  s  Cl]  =  '  '  then 
delete(s, 1,1); 

end  ; 


(»  the  system  waits  for  the  user  *) 
procedure  wait; 
var 

ch  :  char; 
i,3  :  integer; 

begin 

textcolor  < 15) ; 

gotoxy(2,23) ;  write < conststr < ' 
gotoxy (3,23) ;  wr ite (' press  any 
for  i  : =  1  to  3  do 
begin 

3  :=  sqr < random < 30 )) +300 ; 
sound(]) ;  delay(300) 
end ; 

nosound ; 
read(kbd,ch) ; 
gotoxy (3,23) ;  write< ' 
textcolor (x) 
end; 


(*  Beep  sounds  the  terminal  bell  or  beeper  *) 

procedure  beep; 

begin 

sound(680);  delay(400);  nosound 
end ; 


<*  inputstr  is  used  for  the  entry  and  validation  of  data 
It  enables  also  the  use  of  the  cursor  movement  keys 
char-left,  char-right  and  del.  of  the  keyboard, 
procedure  inputstr(var  s  :  anystr; 

1 , i , 3  :  integer; 
term  :  chset; 
var  tc  :  char  )  ; 

label 
again ; 
var 

valid  :  set  of  char; 
value , 

p,  n  :  integer; 
ch  :  char; 


' ,53) )  ; 
key . . ' ) ; 


l-length(s) ) ) 


textbackground( 14) ; 
textcolor(O) ; 
tc  : =  #0; 

valid  :=  term  +  C#8 , #13 , #27] ; 
again : 

gotoxy(i,j);  write (a,constatr < '  ', 

P  :=  0; 
repeat 

gotoxy ( i+p, 3 >  ;  read (kbd,ch) ; 
if  not  <ch  in  valid)  then 
beep 
else 
begin 

if  (ch  in  term)  and  (p  <  1)  then 
begin 

P  :*  P  ♦  l; 
deleteCs, 1,1); 
insert (ch, s , p) ; 
write ( copy  (s,p,l)) 
end; 

if  Cch  =  #8)  and  <p  >=  length(s))  and  <p  >  0) 
begin 

deleteCs, p, 1 ) ; 
p  :=  p  -  1; 

gotoxy (i+p, 3 )  ;  writeC'  ' ) 
end; 

if  (ch  *  #27)  and  keypressed  then 
begin 

read(kbd,ch) ; 

if  ch  =  'K'  then 

begin 

if  p  >  0  then 
p  :=  p  -  1 

else 
beep 

end ; 


if  (ch  =  ' M ' )  and 
p  ••=  P  ♦  i; 

V 

a 

length (s) ) 

then 

if  (ch  =  '  5'  )  and 
begin 

delete <  s , p  + 1 , 1 )  ; 

V 

a 

length  <  s ) ) 

then 

write ( copy ( s , p+ 1 , 

i) , ' 

'  ) 

end ; 

if  ch  in  C'H'.'P'D  then 
begin 

tc  :=  chr<100  +  ord(ch)); 
p  :  =  l 
end 
end 
end 

until  Cch  =  #13)  or  <p  =  1); 


then 


if  ch  =  #13  then 
tc  :=  ch; 

value  :=  getvalue(a); 
n  ;=  32  *  length(a); 

if  (value  <=  n)  and  (ch  <>  'H')  then 
begin 
beep; 
tc  :=  #0; 
goto  again 
end ; 

adguststr ( a) ; 
textbackground(z) ; 
textcolor (x) 
end;  (inputatr) 


(*  action  writes  on  the  frame  the  current  action  *> 

procedure  actionCs  :  str40); 

begin 

textcolor ( 2) ; 

gotoxy (39,4) ;  wr i te < conststr ( '  ',40)); 
gotoxy (39,4) ;  write(a); 
textcolor (x) 
end ; 

procedure  clearmessoge ; 
begin 

gotoxy (2, 12) ;  write ( conatatr ( '  ',78)) 

end ; 

(*  message  writes  a  string  at  the  center  of  the  frame 

procedure  mesaage(s  :  atr80) ; 

var 

i  :  integer; 
begin 

cl ear message ; 
textbackground(O) ; 
textcolor ( 31 ) ; 

i  :=  trunc( (80  -  length < s ))/ 2 > : 

gotoxy ( i , 12) ;  write(copy(s,l,length(s) ) ) ; 

beep ; 

textbackground(z) ; 
textcolor ( x ) 
end ; 


procedure  clearselect; 
begin 

gotoxy ( 2 , 23 ) ;  wri te ( conststr (  ' 
end ; 
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<»  select  writes  the  command  line  at  the  bottom  of  the 
frame  and  accepts  the  selection 

procedure  select<  prompt  :  str80; 

term  :  chset; 

var  tc  :  char  ) ; 

var 

ch  :  char; 
begin 

clearselect ; 
textcolor( 15) ; 

gotoxy <4,23) ;  write (prompt) ; 
textbackground ( 30 ) ; 

gotoxy <5+length(prompt) , 23) ;  write('  ' ) ; 
gotoxy <5+ length (prompt) ,  23)  ; 
textbackground <z) ; 
textcolor ( x ) ; 
repeat 

read ( kbd , ch ) ; 
tc  :=  upcase(ch); 
if  not  (tc  in  term)  then 
beep; 

until  tc  in  term; 
write(tc) 
end ; 


<*  cleartext  clears  the  work  area  of  the  frame  *> 

procedure  cleartext; 

var 

i  :  integer; 
begin 

for  i  :=  lO  to  21  do 

begin 

gotoxy ( 2 , i )  ; 
write(conatatr( '  ',78)) 

end 
end ; 


procedure  clearframe; 
var 

i:  integer; 
begin 

for  i  : =  6  to  9  do 
begin 

gotoxy  <  2 , i ) ; 
write ( const st r ( '  ',78)) 
end ; 

cleartext ; 
clearselect ; 


8)  > 


procedure  clearproblem ; 
begin 

gotoxy < 13, 4) ;  write < conststr < '  ', 

end ; 


<»  problemfield  writes  the  problem  description  in  the 
problem  area  ofthe  frame  *) 

procedure  problemf ield C s  :  str8>  ; 
begin 

clearproblem ; 
textcolor (2) ; 
gotoxy (13,4) ; 
writeCs) ; 
textcolor  <  x ) 
end ; 


<*  funckey  helps  in  using  the  cursor  movement  keys 

line-up, line  down, and  enter  of  the  keyboard  *) 

procedure  funckeyCch  :  char;  var  i  :  integer); 
begin 

if  ch  >  #126  then 

ch  :=  chr (ord ( ch) - 100 ) ; 
if  ch  =  'P'  then 

i  :  =  i  ♦  1 ; 
if  ch  =  ' H '  then 

begin 

if  i  =  1  then 
beep 
else 

i  :  =  i  -  1 

end ; 

if  ch  =  #13  then 

i  :  =  i  ♦  1 

end ; 


<*  avai lablespace  returns  the  available  space(bytes) 
of  the  logged  drive.  *) 

procedure  spaceavai lable (  var  totalbytes  :  real  ); 
type 

regrec  =  record  (  register  pack  Used  in  MSDos  call  ) 
AX,  BX,  CX,  DX ,  BP,  SI,  DI,  DS,  ES,  Flags  :  integer 
end ; 

var 

tracks , 
drive , 
bytes , 

sectors  :  integer; 

regs  :  regrec; 

ch  :  char; 


procedure  diskstatus(  drive  :  integer;  var  tracks, 

bytes,  sectors  :  integer  ) ; 

begin 

regs.AX  :=  33600; 
regs.DX  :=  Drive; 

MSDos <  regs  ); 
tracks  : =  regs.BX; 
bytes  :=  regs.CX; 
sectors  : =  regs.AX 
end; 
begin 

ch  :=  copy (dr , 1 , 1 )  ; 
drive  :=  ord(ch)  -  64; 

diskstatusC  drive,  tracks,  bytes,  sectors  ); 
totalbytes  :=  (<  sectors  »  bytes  *  1.0  )  *  tracks  ) 
end ; 


procedure  getdateC  var  date  ;  strlO  ); 
type 

regrec  =  record  (  register  pack  Used  in  MSDos  call  > 
AX,  BX,  CX,  DX,  BP,  SI,  DI,  DS,  ES,  Flags  :  integer 

end ; 
var 

regs  :  regrec; 
mm,dd  :  stringC2]; 
yy  ;  string [ 4] ; 

begin 

regs. ax  :=  S2A  shl  8; 
msdos <  regs ) ; 
str  <  regs . cx , yy ) ; 
atr (rega.dx  mod  256, dd); 
strCregs.dx  shr  8, mm); 
date  :=  mm+ ' / ' +dd+ ' / ' +  yy 
end ; 


<*  putdate  writes  the  date  at  the  lower  right  corner 
of  the  frame  *  ) 

procedure  putdate; 
var 

date  :  string  CIO]; 
begin 

textbackground ( 3 )  ; 

textcolor ( 0) ; 

getdate ( date ) ; 

gotoxy  (68 , 23 )  ;  wnte(date); 

textbackground ( z ) ; 

textcolor  <  x ) 
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<* 
<  » 
<* 
<  * 
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*> 
* ) 
• ) 
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«> 


overlay  procedure  mainmenu; 
begin 

clearframe; 

action < ' MAIN  MENU'); 

gotoxy <20,  7) ; 

write < ' MAIN  MENU  OPTIONS:'); 
gotoxy <20, 10) ; 
write  < ' 1 .  HELP'); 
gotoxy <20, 12) ; 

write  < ' 2 .  UPDATE  FILES  OR  CHANGE  PROBLEM'); 
gotoxy  <20, 14) ; 

write  < ' 3 .  RUN  THE  COST  EFFECTIVENESS  MODEL'); 
gotoxy  <  20, 16) ; 

write < ' 4 .  SENSITIVITY  ANALYSIS  OF  ALTERNATIVES'): 
gotoxy  <20, 18) ; 
write  < ' 5 .  EXIT  TO  DOS'); 
end ; 


overlay  procedure  dbasemenu; 
begin 

clearframe; 
action< 'DATABASE' ) ; 
gotoxy <26,  7) ; 

write< 'DATABASE  MENU  OPTIONS:'); 
gotoxy <26, 10) ; 
write ( ' 1 .  HELP'); 
gotoxy <26, 12) ; 

wr i te  < ' 2 .  CHANGE  PROBLEM'); 
gotoxy  <26,14) ; 

write < ' 3 .  DELETE  CURRENT  PROBLEM'); 
gotoxy  <26,16); 

write ( ' 4 .  UPDATE  EXPOSURE  FILE'); 
gotoxy  <  26 , 18 ) ; 

write ( ' 5 .  UPDATE  CONTROL  FILE'); 
gotoxy < 26 , 20 ) ; 

write ( ' 6 .  RETURN  TO  MAIN  MENU'): 


overlay  procedure  modelmenu; 
begin 

clearf rame; 
action  < ' MODEL" ) ; 
gotoxy (25,  7); 

write< "MODEL  MENU  OPTIONS:"); 
gotoxy (25, 10) ; 
write ( ' 1 .  HELP"); 
gotoxy (25, 12) ; 


write("2.  RUN 
gotoxy (25, 14) ; 

THE 

WEIGHTED 

METHOD" 

) ; 

write ( " 3 .  RUN 
gotoxy (25, 16) ; 

THE 

P.E.R.T 

METHOD" 

); 

write ( " 4 .  RUN 
gotoxy (25,18); 

THE 

RANKING 

METHOD" 

) ; 

write ( " 5 .  RUN 
gotoxy (25,20) ; 

ALL 

THE  METHODS'); 

write ( ' 6 .  RETURN  TO  MAIN  MENU"); 
end ; 


overlay  procedure  sensanalmenu ; 
begin 

clearf rame; 

action( 'SENSITIVITY  ANALYSIS"); 
gotoxy (28,  7) ; 

write ("SENSITIVITY  ANALYSIS  MENU  OPTIONS:'); 
gotoxy (28, 10) ; 
write ( " 1 .  HELP'); 
gotoxy (28, 12) ; 

write ( ' 2 .  FIND  CONTROL  STRATEGY'); 
gotoxy(28, 14) ; 

write ( " 3 .  GENERATE  GRAPHICS'); 
gotoxy(28, 16) ; 

write ( ' 4 .  PRINT  REPORTS'); 
gotoxy (28 , 18 ) ; 

write ( ' 5 .  RETURN  TO  MAIN  MENU'); 
end ; 
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overlay  procedure  controlstrategymenu; 
begin 

clearfrane; 

action  <  ''SENSITIVITY  ANALYSIS  /  CONTROL  STRATEGY' >  ; 
gotoxy <15,  7) ; 

write < 'CONTROL  STRATEGY  MENU  OPTIONS:'); 
gotoxy  <15,10) ; 
write  < ' 1 .  HELP'); 
gotoxy <15, 13) ; 

write< '2.  FIND  THE  MOST  EFFECTIVE  CONTROL  SET') 
gotoxy < 15, 16) ; 

write  < ' 3 .  FIND  THE  MOST  COST  EFFECTIVE  CONTROL' 

'  SET'); 

gotoxy <15, 19) ; 

write  < ' 4 .  RETURN  TO  SENSITIVITY  ANALYSIS  MENU') 
end ; 


overlay  procedure  graphicsmenu ; 
begin 

clearfrane; 

action< 'SENSITIVITY  ANALYSIS  /  GRAPHICS'); 
gotoxy <21 ,  7) ; 

write< 'GRAPHICS  MENU  OPTIONS:'); 
gotoxy  <21 , 10) ; 
write  < ' 1 .  HELP'); 
gotoxy  <21,13) ; 

write  < ' 2 .  DRAW  REPRESENTATIVE  CURVES'); 
gotoxy <21 , 16) ; 

write  < ' 3 .  DRAW  REPRESENTATIVE  HISTOGRAMS'); 
gotoxy  <21 , 19) ; 

write < ' 4 .  RETURN  TO  SENSITIVITY  ANALYSIS  MENU'); 
end; 


overlay  procedure  prlntnenu; 
begin 

clearframe; 

action< 'SENSITIVITY  ANALYSIS  /  PRINT  REPORTS'); 
gotoxy <19,  7) ; 

write< 'PRINT  REPORTS  MENU  OPTIONS:'); 
gotoxy  <19,10); 
write  < ' 1 .  HELP'); 
gotoxy < 19,12) ; 

write  < ' 2 .  PRINT  EXPOSURE  EXPECTED  LOSS  TABLE') 
gotoxy < 19, 14) ; 

write  < ' 3 .  PRINT  CONTROL  EFFECTIVENESS  TABLE'); 
gotoxy < 19,16); 

write  < ' 4 .  PRINT  SET  FILES'); 
gotoxy < 19, 18) ; 

write  < ' 5 .  RETURN  TO  SENSITIVITY  ANALYSIS  MENU') 
end ; 
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FORMATS 


D  S  S 


<»  makeframe  writes  the  frame  of  the  system  along  with 
the  identification  of  each  area  *) 

procedure  makeframe; 


i  :  integer; 
begin 

clrscr ; 
gotoxy(  1,1) 
gotoxy  <80, 1 ) 
gotoxyC  2,1) 
gotoxyC  1,2) 
gotoxy (80,2) 
gotoxyC  1,3) 
gotoxy <80,3) 
gotoxyC  2,3) 
gotoxy  <25, 3) 
gotoxy  <  1,4) 
gotoxy <25, 4) 
gotoxy <80,4) 
gotoxyC  1,5) 
gotoxy <80,5) 
gotoxyC  2,5) 
gotoxy <25,5) 


wri te  <  chr  <  201 ) ) ; 

wr ite < chr < 187 ) ) ; 

write < conststr < chr < 205) ,78) ) ; 

write<chr<186) ) ; 

write  < chr  < 186 ) ) ; 

writeCchr <204) ) ; 

write Cchr < 185) ) ; 

write Cconatstr (chr <205) ,78) ) ; 

writeCchr <203) ) ; 

write Cchr < 186) ) ; 

writeCchr ( 186) ) ; 

writeCchr <186) ) ; 

writeCchr <204) ) ; 

writeCchr < 185) ) ; 

wr i te  <  conststr ( chr ( 205 ) ,78) ) ; 

write  <  chr  <  202 ) ) ; 


for  i  :=  6  to  21 
begin 

gotoxy  <  1 .  i  )  ;  v 
gotoxy  <80 , i ) ;  v 
end ; 


write  <  chr  < 186 ) ) ; 
wr i te < chr < 186 ) ) 


gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

gotoxy 

textco 


<  1,22) 
<80,22) 
<  2,22) 
<55,22) 

<  1,23) 
<55,23) 

(80.23) 

<  1,24) 

(80.24) 

<  2,24) 
<55,24) 
lor  <  3 )  : 


write  <chr<204) ) ; 

write  <  chr  < 185 ) ) ; 

write ( conststr < chr ( 205 ) ,78) ) ; 

wr i te < chr < 203 ) ) ; 

writeCchr < 186) ) ; 

writeCchr  < 186) ) ; 

write  <chr(186> ) ; 

write  <  chr  <  200 ) ) ; 

write (chr  < 188 ) ) ; 

write  <  conststr  < chr  <  205 ) , 78 ) ) ; 

wr i te (chr < 202 ) ) ; 


gotoxy (8,2) ; 

write ( 'EFFECTIVENESS  OF  CONTROL  AND  SECURITY  OF', 

'  COMPUTER  SYSTEMS') 

gotoxy(  4,  4);  write (' PROBLEM :') ; 
gotoxy <31,  4);  write (' ACTION :') ; 

gotoxy (58,23) ;  write< 'Today  la:');  textcolor(x) 
end; 


<•  exposureform  writes  the  field  descriptions  for  the 
exposure  record  and  one  table  which  helps  the  user 
to  fill  the  fields  of  the  ranking  method.  It  is 
used  by  the  database  for  updating  exposures.  ») 

procedure  exposureform; 
begin 

clearframe; 

gotoxy <  3,  6);  write (' Index :') ; 
gotoxy<16,  8);  write (' Description :') ; 
gotoxy <  5,  8);  wri te (' WEIGHTED :') ; 
gotoxy<15,  8);  write (' Damage : S'  ) ; 
gotoxy<36,  8);  write (' Probabil ity :') ; 
gotoxy<  5,10);  write< ' P . E . R . T :  '  )  ; 
gotoxy <15, 10) ;  write < 'Smallest : S' ) ; 
gotoxy <36, 10) ;  write('Most  Likely:S'>; 
gotoxy <60, 10) ;  write < ' Largest :S' ) ; 
gotoxy <  5,12);  wri te <' RANKS :') ; 
gotoxy<15, 12) ;  write('Rank  P:'>; 
gotoxy <36, 12) ;  write('Rank  Q:'>; 
textcolor <7) ;  gotoxy<  5,13); 
write('Rank  P  Damage  caused  by  error'); 
gotoxy <45, 13) ; 

write<'Rank  Q  Damage  caused  by  failure'); 
gotoxy (  8,14); 

write('0  virtually  impossible'); 
gotoxy  <48, 14) ; 
write<'0  negligible'); 
gotoxy <  8,15) ; 

write<'l  might  happen  once  in  400  years'); 
gotoxy <48, 15) ; 

write<'l  about  S10' ) ; 

gotoxy <  8,16); 

write<'2  might  happen  once  in  40  years'); 
gotoxy<48, 16) ; 

write<'2  about  S100' ) ; 

gotoxy  <  8,17); 

write<'3  might  happen  once  in  4  years'); 
gotoxy <48, 17) ; 

write<'3  about  S1,000'>; 

gotoxy  <8,18); 

write< '4  might  happen  once  in  100  days'); 
gotoxy <48, 18) ; 

writet '4  about  S10,000'>; 
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gotoxy <43, i-3) ; 

write (' Effectiveness  on  Exposure  ',i:2,':' 
and;  (of  for) 
end ; 


<*  controlf ields  gives  the  fields  to  be  filled 
for  the  control  record  in  inversed  video 
procedure  controlf ieldatexpno  :  integer); 
var 

i  :  integer; 
begin 

gotoxy(9,7);  write('  ' )  ; 
textbackground  < 14 ) ; 
textcolor (0) ; 

gotoxy <28,  7);  write < conststr < '  ',50)); 
gotoxy<28,  8);  write < conststr < '  ',8)); 
for  i  : =  1  to  expno  do 
begin 

if  i  <=  12  then 
gotoxy  <33, 9-*- i) 
else 

gotoxy < 73, i -3 ) ; 
write< 'O.  '  )  ; 

end;  (of  for) 
textbackground <z) ; 
textcolor <x) 


. . . . . . . 

(  »  *  ) 

<*  DATABASE. DSS  *) 

<  *  » ) 

<»  This  is  the  databass  of  the  system  and  performs  all  ») 

<•  the  functions  contained  in  the  dbasemenu.  *) 


overlay  procedure  database; 
label 

cancel ; 
var 

ans  :  char; 
next  :  integer; 

(»  makeproblem  creates  the  control  and  exposure  files 
for  each  new  problem  and  puts  the  problem  description 
in  the  problem  area  of  the  frame.  ») 

overlay  procedure  makeproblem Cs  :  str8); 
begin 

clearf rame; 
problemf ield(s) ; 
action < ' NEW  PROBLEM'); 

message < 'CREATING  EXPOSURE  AND  CONTROL  FILES'); 
delay <2000) ; 

makefile (file 1 ,dr+s+' .dxp' , sizeof (expsr ) ) ; 
makeindexC indexl ,dr»a+ ' . ixp' , sizeof (expsr. index) ,0) ; 
closef i le < f i lei ) ; 
closeindex ( indexl ) ; 

makefile (filel ,dr+a*' .del ' , sizeof (Ctrl ) ) ; 
make index < indexl ,dr+s+' . icl ' , sizeof (Ctrl . index) , 0)  ; 
closef ile(filel) ; 
closeindex ( indexl ) ; 
end; 


<•  deleteproblem  deletes  all  the  files  referred  to  the 
current  problem,  removes  its  description  from  the 
problem  area  and  removes  also  the  record  referred  to 
that  from  the  directory  of  the  system.  *) 

overlay  procedure  deleteproblem ( s  :  str8); 
var 

i  :  integer; 
begin 

cl ear message ; 
clearselect; 

action* 'DELETING  PROBLEM'); 
assign <fl,dr-*-s-*-' . dxp ' ) ; 
erase ( f 1 ) ; 
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assign <f  l.dr+s-*-'  . ixp' ) ; 
erase (f 1 ) ; 

assign<fl,dr+s+'  •del''  ) ; 
erase(fl) ; 

assign <f l,dr+s+' .  icl' ) ; 
erase(fl) ; 

openf  ile (f  ilel ,  dr ■‘■s* '  .  wdt '  ,  sizeof  <  st >  > ; 

if  ok  then 

begin 

closef ile(f ilel) ; 
assign  (£1,  dr  i-s*'  .wdt'  )  ; 
erase (f 1) ; 

assign(f l,dr+s+' .wic' > ; 
erase (f 1 ) 
end; 

openf i le <  f i lei , dr*s+ ' . pdt ' .sizeof  < st ) ) ; 

if  ok  then 

begin 

closef ile<£ ilel) ; 
assign < f 1, dr +s+' .pdt' ) ; 
erase  (f 1 ) ; 

assign ( f 1 , dr+a+ ' . pic ' ) ; 
erase (fl ) 
end ; 

openf ileCfilel, dr*s+ ' . rdt ' .sizeof  <  st ) ) ; 

if  ok  then 

begin 

closef ile (f ilel ) ; 
assign (£1 , dr+s+' . rdt ' ) ; 
erase (fl )  ; 

assign(fl,dr+s+' . ric' ) ; 
erase (fl ) 
end  ; 

<*  delete  the  directory  of  the  current  drive  if  it 
does  not  contain  onother  problem  ») 

openf i le ( f i le2 , dr ♦ ' problem . dta ' , sizeof ( problem ) ) ; 
if  usedrecs(file2)  >  1  then 
begin 

init index ; 

open index  < index2 , dr +  ' problem . idx ' .sizeof ( cproblem ) , 0 
deletekey < index2 , i , s ) ; 
deleterec  <file2,i); 
closef ile(file2)  ; 
close index ( index2 ) 
end 
else 
begin 

closef ile(file2) ; 
asaign(fl,dr+' problem . dta ' ) ; 
erase ( f 1 ) ; 

assign (fl,dr*'problem.idx' ) ; 
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erase (f 1 ) 
end; 

clearproblem 
end ; 


(*  updatecontrol  adds,  deletes,  edits  and  scrolls 
the  file  of  the  controls  data.  •) 

overlay  procedure  updatecontrol (  cproblem  :  str8; 

expno  :  integer  > ; 

label 

cancel ; 
var 

rn,i,t  ;  integer; 
idx  :  string [23; 

ans  :  char; 


C*  writecontrol  writes  the  content  of  a  control  record 

on  the  input/output  control  form.  *) 

procedure  wr itecontrol ( ctr 1  :  control;  expno  :  integer); 

var 

i  :  integer; 
begin 

controlf ields (expno) ; 
with  Ctrl  do 
begin 

gotoxy<9,  7);  wri  te  <  index )  ; 
textbackground ( 14) ; 
textcolor (0) ; 

gotoxy<28,  7);  wri te ( descript ion ) ; 
gotoxy<28,  8);  write(cost); 
for  i  5=1  to  expno  do 
begin 

if  1  <=  12  then 
gotoxy  <  33 , 9  +  i ) 
else 

gotoxy  < 73 , i -3 ) ; 
wri te ( ef feet Ci ] ) 
end 
end ; 

textbackground ( z )  ; 
textcolor  <  x ) 
end ; 
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* »  .  ^ — 


(•  IOcontrol  reads  input  data  from  the  screen.  It  is 
used  for  adding  and  editing  controls.  * 

procedure  IOcontrol < var  Ctrl  :  control; 

ch  :  char; 
expno  :  integer  ) ; 

var 

tc  :  char; 

i,j,n,ti  :  integer; 

1 1  :  string  C2] ; 

t2  :  string  C 3 3 ; 

s  :  chset; 

begin 

f i llchar ( tl , sizeof ( tl ) ,0) ; 
tl  : =  '0. ' ; 

S  : =  C#48. .#57] ; 

n  :=  2  *  expno; 
tc  : =  '  ' ; 

with  Ctrl  do 
while  tc  <>  'Y'  do 
begin 

i  :  =  1 ; 
case  ch  of 
'A'  :  begin 

f i llchar (Ctrl, sizeof ( Ctrl )  ,  0 )  ; 
controlf ields ( expno) ; 

index  :=  inttostr ( usedrecs ( f i lei ) + 1 ) ; 
if  length ( index)  =  1  then 
Insert ( ' 0' , index , 1 ) ; 
gotoxy(9,7);  write(index) 
end ; 

'E'  :  begin 

writecontrol (Ctrl , expno) ; 
if  next  =  2  then 
i  : =  expno+2 

end 

end;  (of  case) 
repeat 

case  i  of 

1  :  mputstr  (  descr  l  pt ion  ,  50 , 28 , 7 , 

C  #32 .  .#126]  , tc)  ; 

2  :  inputstr < cost , 8 , 28 , 8 , s , tc ) ; 

3 . .  14  :  begin 

f i 1 1  char ( t2 , si zeof <t2) ,0) ; 
t2  :=  copy < ef f ect  [  l -2)  , 3 , 5 )  ; 
inputstr(t2,3,35,7+i,s,tc) 
end ; 

15 . .  26  :  begin 

fillchar(t2, sizeof ( t2 ) , 0 ) ; 
t2  :=  copy ( ef f ect [ i -2] , 3 , 5 ) ; 
lnputstr(t2,3,75,i-5,s,tc) 
end 

end;  (of  case) 


106 


2  then 


if  i  > 
begin 

if  <length<t2)  <  3)  and  < length ( t2>  >  0)  then 

for  3  :  =  length <t2> +1  to  3  do 

insert  <'0',t2,j); 
effect  Ci-2]  :=  tl  «■  t2 

end ; 

ti  : =  i ; 
funckey < tc, i ) ; 

if  <ti  =  i)  and  ( chr < ord < tc) - 100 )  <>  'H')  then 

i  :=  i  +  1 
until  i  >  n; 

select ( '  IS  RECORD  CORRECT < Y /N ) ? 

i' Y' , 'y' , ' N' , ' n' ] , tc) ; 

clearaelect 
end  (of  while) 
end ; 


<»  deletecontrol  deletes  the  current  control  record, 
if  there  are  more  than  two  controls  in  the  file, 
on  the  screen  and  adjusts  the  index  of  all  the 
successor  records  in  the  file.  ») 

procedure  deletecontrol <  s  :  str8;  idx  :  str2  ); 
var 

i , t , rn  :  integer; 
tc  :  char; 

tdx  :  string  C21 ; 

begin 

clearf rame ; 

if  usedrecs < f i lei )  =  2  then 

begin 

message < 'SYSTEM  REQUIRES  2  CONTROLS  AT  LEAST'); 
wait 
end 
else 
begin 

message< ' ******  DELETING  CONTROL  '+idx+'  ******'>; 

deletekey  < index 1 , rn , idx)  ; 
deleterec < f i lei , rn )  ; 
t  :=  strtoint ( idx ) ; 

if  t  <=  usedrecs < f i lei )  then 

with  Ctrl  do 

begin 

f lllchar (tdx.sizeof (tdx) ,0>  ; 
tdx  :=  intto3tr ( t + 1 ) ; 
if  1 ength (tdx)  =  1  then 
insert ( ' 0 ' , tdx , 1 )  ; 
f indkey ( indexl ,rn,tdx) ; 
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repeat 

getrec(f ilel ,rn,ctrl) ; 
t  :=  strtoint < index)  - 
index  inttostr(t); 
if  length ( index )  =  1  then 
insert  < ' 0' , index, 1 ) ; 
putrec(f ilel, rn, Ctrl) ; 
deletekey ( indexl , rn, tdx) ; 
addkey ( indexl , rn, index) ; 
nextkey ( indexl , rn, tdx) 
until  not  ok; 
close index  C indexl ) ; 
initindex ; 

open index ( indexl , cproblem* ' . icl ' , aizeof ( index ) , 0 ) 
end  (of  if/with) 
end  (of  else) 
end ; 


begin  (of  updatecontrol ) 
controlform (expno) ; 
initindex ; 

openf ileCfilel, dr *cproblem+ ' . del ' , sizeof ( Ctrl ) > ; 

open index  ( indexl , dr ♦cproblem* '  .  icl ' , sizeof ( Ctrl . index ) , 0 ) ; 

f i 1 1 char  < idx , sizeof ( idx ) , 0 ) ; 

f i 1 lchar (Ctrl , sizeof (ctrl ) ,0) ; 

cl ear key  < indexl ) ; 

if  next  <>  1  then 

begin 

nextkey ( indexl , rn , idx) ; 

if  ok  then 

begin 

getrec  <filel,rn, Ctrl ) ; 
writecontrol (Ctrl , expno) 
end 

else  goto  cancel 
end ; 


with  Ctrl  do 
while  ans  <>  'Q'  do 
begin 

action (' UPDATE  CONTROLS'); 
if  next  =  2  then 
ans  : =  ' E ' 
else 
begin 

f lag  ; =  false; 

if  usedrecs ( f i lei )  >=  2  then 

begin 

select (' A ) dd ,  D)elete,  E>dit,  N)ext,  P>revious 

'or  Q)uit : ' ,  C'A','D','E','N', 'P','0')  .ans  > 
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clearselect 

end 

else 

ana  : =  'A' 

end ; 

case  ana  of 
'A'  :  begin 

action ('ADD  CONTROL  '); 

if  usedreca ( f i lei )  =  maxctrl 

begin 

clearf rame ; 

message < 'THE  SYSTEM  CANNOT 
wait ; 

goto  cancel 
end ; 

IOcontrol (Ctrl, 'A' , expno) ; 
addrec (f ilel,rn,ctrl> ; 
addkey ( index 1 ,rn, index) ; 
idx  :=  index; 
f indkey ( indexl , rn , idx) 
end ; 

'D'  :  begin 

action ( 'DELETE  CONTROL  '); 
deletecontrol (cproblem, idx) ; 
controlform (expno) ; 
i  ;=  strtoint< idx) ; 
cl ear key ( indexl ) ; 
if  i  <=  usedreca ( fi lei )  then 
f indkey ( indexl , rn , idx ) 
else 
repeat 

next key ( indexl , rn , idx ) 
until  ok 
end ; 

'E'  :  begin 

action ( ' EDIT  CONTROL'); 
getrec (filel,rn,ctrl) ; 
IOcontrol ( ctr 1, 'E' .expno) : 
putrec (filel.rn.ctrl) 
end ; 

'N'  :  repeat 

nextkey ( indexl . rn , idx ) 
until  ok; 

'P'  :  repeat 

prevkey ( indexl , rn , idx ) 
until  ok 
end;  (of  case) 


then 

HOLD  ANOTHER 
'  CONTROL') 
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P'3  then 


if  ana  in  I'D' 
begin 

getrec <f ilel , rn, Ctrl >  ; 
writecontrol (Ctrl , expno) 
end ; 

if  next  =  2  then 
begin 

nextkey < index 1 , rn , idx) ; 
if  not  ok  then 
begin 

next  :=  0; 
ana  :=  'Q' 
end 
end 

end;  (of  with/while) 
cancel:  closef i le ( f i lel ) ; 

cloaeindex ( indexl > ; 


end ; 


<*  updatexposure  adds,  deletes,  edits  and  scrolls 

the  file  of  the  exposures  data.  *) 

overlay  procedure  updatexposure (  cproblem  :  st 

var  expno  :  inteqer 

label 

cancel ; 
var 

rn,i,t  :  integer; 
idx  :  string  C2] ; 

ans  :  char; 


<»  writexposure  writes  the  content  of  an  exposure  record 
on  the  input/output  exposure  form, 
procedure  wr i texposure ( expsr  :  exposure); 
begin 

exposuref ields ; 
with  expsr  do 
begin 

gotoxy (9,  6);  wr ite ( index > ; 
textbackground  < 14  )  ; 


textcolor ( 0 ) ; 
gotoxy<28,  6) 
gotoxy<23,  8) 
gotoxy<48,  8) 
gotoxy ( 25 , 10 ) 
gotoxy  <  49 , 10 ) 
gotoxy ( 69 , 10 ) 


write  ^ description) 
write(damage) ; 
write< probability) 
wr ite ( sma 1 lest ) ; 
wr ite < mostl ikely )  ; 
wr ite < largest ) ; 
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gotoxy <22, 12 );  write (rankP) ; 
gotoxy <43, 12> ;  write < rankQ) 
end;  (of  with) 
textbackground <z> ; 
textcolor <x) 
end; 


<»  IOexposure  reads  input  data  from  the  screen.  It  is 
used  for  adding  and  editing  exposures.  •) 

procedure  IOexposure < var  expsr  :  exposure;  ch  :  char): 
var 

tc  :  char; 

tl  :  string  Cl] ; 

t2  :  string  C3]  ; 

i,3,ti  :  integer; 

begin 

i  :■  1; 

tc  :=  #0; 

with  expsr  do 

while  tc  <>  'Y'  do 

begin 

i  :=  1; 
case  ch  of 
'A'  ;  begin 

f illchar < expsr, sizeof (expsr) , O) ; 
exposuref ields; 

index  : *  inttostr < usedrecs ( f i lei > + 1 )  ; 
if  length < index)  *  1  then 
insert < '0' , index, 1 )  ; 
gotoxy<9,6);  write(index) 
end ; 

’  E'  :  writexposure(expsr) ; 
end;  (of  case) 

repeat 

case  i  of 

1  :  inputstr < descr ipt ion , 50 , 28 , 6 , C#32 . . # 1 26 J . tc > ; 

2  :  inputstr < damage , 8 , 23 , 8 , C#48 .. #57] , tc ) ; 

3  :  begin 

fill char <t2, sizeof (t2) ,0) : 
t2  :=  copy ( probabi 1 i ty , 3 , 3 ) : 
inputstr < t2 , 3 , 50 , 8 , t#48. .#57] ,tc) : 
if  <length(t2)  <  3)  and  <length(t2)  >  O)  then 

for  -j  :=  length<t2)  +  l  to  3  do 
inaert('0' , t2, j ) ; 
probability  :=  '0.' 


*  t2 
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inputstr (smallest , 8, 25, 10, C#48 . . #57] , tc) 


inputstr (mostl ikely , 8, 49, 10, C#48. .#57] ,tc) ; 


6  :  inputstr<largest,8,69, 10, C#48. .#57] , tc) ; 

7  :  begin 

f i 11 char ( tl , slzeof ( tl ) , 0) ; 
f illchar ( t2, sizeof ( t2) ,0) ; 
tl  :=  copy ( rankP , 1 , 1 ) ; 
t2  :=  copy < rankP, 3, 3) ; 
inputstr <tl , 1 , 22, 12, (#48. .#57] , tc) ; 
inputstr ( t2, 3 , 24, 12 , C#48 . . #57] , tc) ; 
if  (length<t2)  <  3)  and  (length(t2)  >  0)  then 
for  3  :=  length(t2)+l  to  3  do 
insert ( ' 0' , t2, 3  > ; 
rankP  :  =  tl  +  ♦  t2 

end ; 

8  :  begin 

f illchar  <  tl , sizeof ( tl ) ,0) ; 
f illchar <t2, sizeof  <t2) ,0) ; 
tl  :=  copy (rankO, 1 , 1 ) ; 
t2  :=  copy (rankQ, 3 , 3 ) ; 
inputstr (tl, 1,43, 12, (#48 . . #57] , tc) ; 
inputstr <t2, 3 , 45, 12 , [#48. .#57] ,tc) : 
if  (length(t2)  <  3)  and  (length(t2>  >  0)  then 
for  3  :=  length ( t2) +1  to  3  do 

insert ( 'O' ,t2, 3 ) ; 
rankQ  : =  tl  ♦  '.'  +  t2 
end 

end;  (of  case) 


ti 


=  i; 


funckey (tc, i ) ; 
if  (ti  =  i) 

i  :  =  i  +  1 
until  i  >  8; 


and  (chr ( ord ( tc) - 100)  <>  'H'> 


:hen 


select (' 15  RECORD  CORRECT ( Y / N ) ? 

( ' Y' , 'y' , ' N' , ' n' ] , tc) ; 

clearselect 
end;  (of  while} 
end  ; 


I 


I 


1  12 


<•  deletexposure  deletes  the  current  control  record 
on  the  screen.  If  there  are  more  than  two  exposures 
in  the  exposure  file  and  adjusts  the  index  of  all 
the  successor  records.  Then  it  opens  the  control 
file  and  removes  from  all  the  control  records  the 
reference  to  the  deleted  exposure.  •) 

procedure  deletexposure (  cproblem  :  str8;  idx  :  str2  ) 

var 

i ,rn,usdr, 

t,recno  :  integer; 

tc  :  char; 

tdx  :  string  C2] ; 

begin 

clearf  raise ; 

usdr  :=  usedrecs (f ilel ) ; 
if  usdr  =  2  then 
begin 

message ( ' SYSTEM  REQUIRES  2  EXPOSURES  AT  LEAST') 
wait 
end 
else 
begin 

message  (.'»»•»*»  DELETING  EXPOSURE  '-idx*'  ***»**') 

deletekey < index 1 , rn, idx ) ; 

deleterec < f i lei , rn ) ; 

recno  :=  strtoint < idx ) ; 

usdr  :=  usedrecs(f ilel ) ; 

if  recno  <  =  usdr  then 

with  expsr  do 

begin 

f i 11 char <  tdx , sizeof ( tdx  > , 0  > ; 
tdx  :=  inttostr < recno- 1 ) ; 
if  length(tdx)  =  1  then 
insert  < ' 0'  , tdx , 1 ) ; 
f indkey ( index 1 , rn , tdx  > ; 
repeat 

getrec  (  f ilel , rn , expsr ) ; 
t  :=  strtoi nt < index )  -  1; 
index  :  =  inttostr <t) ; 
if  length < index )  =  1  then 
insert ('O', index,!); 
putrec (filel.rn, expsr)  ; 
deletekey ( indexi , rn , tdx ) ; 
addkey ( ind ex l,rn, index) ; 
nextkeyf indexi ,rn,tdx) 
until  not  ok 
end;  (of  if/with) 
closefile(filel) ; 
closeindexl indexi ) : 


th 
gin 
initindex; 

openf ile<filel, dr+cproblei+ ' . del ' , sizeof  <ctr 1 ) ) ; 
openindex  < indexl , dr +cproblem+ ' .  icl ' , aizeof ( index )  ,  0 ) 
clearkey (indexl) ; 
repeat 

next key < indexl , rn , tdx )  ; 

if  ok  then 

begin 

getrec <f i lei , rn , Ctrl >  ; 

for  i  :=  recno  to  usdr  do 

begin 

effectCi]  :=  effect Ci+13; 
end;  (of  for) 

f illchar (effect Ci+13 ,6,0) ; 
putrec (filel,rn,ctrl)  ; 
end 

until  not  ok; 
closef ile(f ilel) ; 
closeindex ( indexl ) 
end;  (of  with) 
initindex ; 

openf ile<filel, dr+cproblem * '  . dxp' , sizeof  <  expsr  > ) ; 
openindex < indexl , dr +cproblem+ ' . ixp' , 

aizeof ( expsr . index ) , 0  > ; 

end  (of  else) 


gin  (of  updatexposure) 
exposuref orm ; 
initindex ; 

openf ile<filel, dr  +cproblem+ '  . dxp ' , sizeof ( expsr ) ) ; 

expno  :=  usedrecs < f i lei ) ; 

openindex  < indexl , dr  +cproblem  +  ' . ixp ' , 

aizeof (expsr. index) ,0) ; 
f i 1 1 char ( idx , sizeof (idx) ,0) ; 
f i 11 char ( expsr .sizeof  < expsr ) , 0) ; 
clearkey ( i ndexl ) ; 
if  next  <>  1  then 
begin 

next key (indexl.rn, idx)  ; 

if  ok  then 

begin 

getrec (filel.rn, expsr)  ; 
writ exposure (expsr ) 
end 

else  goto  cancel 
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do 


witft  expsr  do 
while  ana  <>  'Q' 
begin 

action  < ' UPDATE  EXPOSURES' > ; 
if  uaedrecsCf ilel )  >  =  2  then 
begin 

select <' A ) dd ,  D)elete,  EJdit,  N)ext,  P)revious 

'or  Q)uit:',C'A','D','E','N','P','Q'] ,ans) ; 
clearselect 
end 
else 

ana  : =  ' A'  ; 

case  ana  of 
'A'  :  begin 

action ( ' ADD  EXPOSURE'); 

if  uaedreca ( f i lei )  =  maxexp  then 

begin 

clearframe; 

message ('THE  SYSTEM  CANNOT  HOLD  ANOTHER  ' 

' EXPOSURE' > 

wait; 

goto  cancel 
end ; 

IOexpoaure ( expsr , 'A' ) ; 
addrec<f ilel, rn, expsr) ; 
addkey < indexl , rn , index) ; 
idx  :=  index; 
f indkey ( indexl , rn , idx) 
end ; 

'D'  :  begin 

action < 'DELETE  EXPOSURE'); 
deletexpoaure (cproblera , idx ) ; 
exposureform ; 
i  ;=  strtoint < idx > ; 
clearkey < indexl ) ; 
if  i  <=  usedrecsCf ilel )  then 
f indkey ( indexl , rn , idx) 
else 
repeat 

next key  < indexl ,rn,idx) 
until  ok 
end ; 

'E'  :  begin 

action ( ' EDIT  EXPOSURE'); 
getrec (filel,rn, expsr) ; 

IOexpoaure (expsr, ' E ' ) ; 
putrec(filel,rn, expsr) 
end ; 

'N'  :  repeat 

next key ( indexl , rn , idx ) 
until  ok; 


'  P '  :  repeat 

prevkey  < indexl , rn , idx) 
until  ok 
end;  (of  case) 

if  (ana  in  C '  D'  ,  '  N'  ,  '  P'  3  )  then 
begin 

getrec (f ilel , rn, expar ) ; 
writexpoaure ( expar ) 
end  (of  if) 

end;  (of  with/while) 
t  :=  uaedreca(f ilel ) ; 
if  expno  <  t  then 
begin 

expno  :=  t; 
next  : =  2 
end 
elae 

next  ;=  0; 
expno  :=  t; 

cancel:  cloaef ile(f ilel ) ; 

closeindex ( indexl > ; 

end ; 


(»  get  directory  asks  the  user  to  define  the  drive  he/she 
wants  to  use,  writes  directory  in  the  work  area  and 
aaka  for  a  problem  description.  ») 

overlay  procedure  getdirect-ory ; 
label 

cancel ; 
var 


i  .  J , 

number  :  integer; 

tby 

:  real; 

ch 

:  char; 

idx 

:  atring(2) 

begin 

clearproblem ; 
clearf rame ; 

messageC ' DEFINE  THE  DRIVE  YOU  WANT  TO  USE  FOR  FILES' > ; 
gotoxy ( 16 , 16 ) ; 

write ( ' IT  IS  BETTER  THE  D55  TO  BE  ON  A  DIFFERENT  DRIVE'); 
gotoxy (16,18) ; 

write ( ' DO  NOT  USE  THE  LETTER  C  IF  THERE  IS  NO  HARD  DISK'); 

select  ( 'DRIVE  A,B,C,D,E  or  F :  '  ,  (#65 .  .  #70,  #97 .  .  #102)  ,  c.-> )  ; 

fillchar(dr, sizeof ( dr ) , 0 ) ; 

dr  : =  ch  +  ' : '  ; 

clearf  rame ; 

action < ' DIRECTORY' ) ; 
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openf ile<f ilel ,dr+ ' problem .  dta' , sizeof (problem) ) ; 

If  ok  then 
begin 

initindex ; 

open index ( index 1 , dr+ ' problem . idx' , 

sizeof (problem . problem name) , 0) ; 
clearkey ( indexl ) ; 
i  :=  10; 

3  :  =  l ; 
gotoxy ( 12,7) ; 

write ( 'CHOOSE  ONE  OF  THE  FOLLOWING  OR  CREATE  YOUR  ', 

'OWN  PROBLEM') 

textbackground ( 14 ) ; 
textcolor (0) ; 
gotoxy ( 15,9) ; 
write ( 'PROBLEM: ' ) ; 
gotoxy(27,9) ; 
write ( 'CREATED  BY:'); 
gotoxy ( 56 , 9 ) ; 
write( 'DATE: ' ) ; 
textbackground (z) ; 
textcolor ( x ) ; 

next key ( indexl , number , problem . problemname) ; 
repeat 

getrec ( f i lei , number , problem ) ; 

gotoxy ( 15 , i ) ;  write ( problem . problemname ) ; 

gotoxy (27, i ) ;  write (problem . creator ) ; 

gotoxy (56, i ) :  write (problem .date) ; 

i  :  =  i  ♦  1 ; 

3  :-  3  ♦  l; 

if  (i  >  20)  and  ( usedrecs ( f i lei )  >  3)  then 

begin 

i  :=  10; 
wai  t ; 
cleartext 
end ; 

next key ( indexl , number , problem . problemname ) 
until  not  ok; 
gotoxy (21,21) ; 
textbackground < 3) ; 
textcolor ( 0 ) ; 

wr ite (' Number  of  Problems  in  the  Directory:  ', 

usedrecs  <  f i lei )  : 2 ) ; 

textbackground ( z  )  ; 
textcolor ( x ) ; 
closef ile(filel); 
close index ( indexl ) 
end 
else 
begin 

spaceava 1 lable < tby ) ; 


if  tby  <  30000.0  then 
begin 

message < 'THERE  IS  NOT  ENOUGH  SPACE  ON  DRIVE  '■•■dr) 
wait ; 

next  : =  3; 
goto  cancel 
end ; 

message < '*»»**»  NEW  DIRECTORY  »»*•**'); 
makefile  (f ilel ,  dr-*- '  problem  .  dta'  ,  sizeof  (problem)  )  ; 
make index (indexl, dr ♦'problem.  idx'  , 

sizeof ( problem . problem name ) , 0 ) ; 

closefile(f ilel) ; 
c lose index < indexl ) ; 
end; 

initindex ; 

openf ile  <f i lei ,dr*y problem . dta ' , sizeof (problem ) ) ; 
open index ( indexl , dr ♦ ' problem . idx '  , 

sizeof (problem . problemname ) , 0 ) ; 
action ( 'GIVE  PROBLEM  NAME'); 
gotoxy (4 , 23) ; 

write( 'ENTER  THE  NAME  OF  THE  PROBLEM:'); 
f i 1 lchar ( cproblem .sizeof (cproblem) ,0) ; 
f i 1 lchar ( problem , sizeof (problem) ,0) ; 
inputstr ( cproblem , 8 , 35 , 23 , t#48. .#126) ,tc) ; 
cproblem  :=  upcasestr (cproblem ) ; 
adjuststr (cproblem) ; 
f indkey ( indexl , number , cproblem) ; 
if  not  ok  then 
begin 

spaceavai lable ( tby ) ; 
if  tby  <  10000.0  then 
begin 

closef ile(filel) ; 
close index ( indexl ) ; 
clearf rame ; 

message ( 'THERE  IS  NOT  ENOUGH  SPACE  ON  DRIVE  '*dr> 
wait ; 

next  : =  3; 
goto  cancel 
end ; 

clearselect ; 

gotoxy ( 4 , 23 ) ;  write ( ' ENTER  YOUR  NAME:'); 

inputstr ( problem . creator ,25,21,23, [#32. . #1261 , tc ) ; 

problem . problemname  :  =  cproblem; 

problem . creator  :=  upcasestr (problem . creator ) ; 
getdate < problem . date ) ; 
number  :=  0; 

addrec ( f i lei , number , problem ) ; 

add key ( indexl , number .problem. problemname) ; 

closef ile(filel) ; 

closeindex ( indexl ) ; 

expno  : =  0 ; 
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next  : =  1 ; 
end 
else 

<*  get  key  information  about  the  latest  model  execution  » 

with  problem  do 

begin 

getrec  (f ilel , number , problem ) ; 
wcombindex  :=  wcomb; 
pcombindex  :=  pcomb; 
rcombindex  :=  rcomb; 
wtotalcoat  :=  strtoreal ( wtotcost > ; 
ptotalcost  :=  strtoreal (ptotcost) ; 
rtotalcost  :=  strtoreal < rtotcost) ; 
closef ile(f ilel) ; 
closeindex ( indexl ) ; 

openf ile<f ilel,dr+cproblem*' .dxp' , sizeof (expsr > ) ; 
expno  :=  usedrecsCf ilel) ; 
closef ile<f ilel ) ; 
problemfield (cproblem) 
end; 
cancel : 
end ; 


BEGIN  (OF  DATABASE) 
ans  : =  '  ' ; 
if  flag  then 
begin 

getdirectory ; 

if  next  =  1  then 

begin 

makeproblem < cproblem ) ; 
updatexposuretcproblem, expno) ; 
next  : *  1 ; 

updatecontrol <  cproblem , expno ) 
end ; 

if  next  <>  3  then 
flag  :=  false; 
next  :=  0; 
goto  cancel 
end ; 

while  ans  <>  '6'  do 
begin 

dbasemenu ; 

select < 'SELECT  1,2, 3, 4, 5  or  6  : ' , C ' 1 ' . . ' 6 ' 3 , ans ) ; 
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case  ans  of 

'1'  :  help('D'); 

'2'  :begin 

getdirectory ; 

if  next  =  1  then 

begin 

makeproblem (cproblem) ; 
updatexposureCcproblem, expno) ; 
next  : =  1 ; 

updatecontrol <  cproblem , expno ) ; 
next  : =  0 
end 
end ; 

'3'  :  begin 

clearf  rame ; 

message ('DO  YOU  WISH  TO  DELETE  THE  PROBLEM?'); 
select ('TYPE  C!3  TO  DELETE  OR  ANY  KEY  TO 
'CANCEL' , C#1 . .#126] ,ans> ; 
if  ans  =  ' ! '  then 
begin 

deleteproblem ( cproblem ) ; 
flag  :=  true; 
next  : =  0 ; 
goto  cancel 
end ; 

ans  ; =  '  ' 

end ; 

'4'  :  begin 

updatexposure ( cproble* , expno ) ; 

if  next  =  2  then 

begin 

updatecontrol ( cproblem , expno ) ; 
next  : =  0 
end 
end ; 

'5'  :  updatecontrol (cproblem , expno) 

end  (of  case] 
end;  (of  while) 
cancel  : 

END; 
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MODEL. DS5 


<  * 
<  « 
(  * 
(  * 
<  » 
<  » 
<  * 
<* 


*  ) 
»  ) 


This  is  the  model  execution 
user  can  select  one  or  more 
the  model  run. 


»  ) 

part  of  the  system.  The  ») 
statistical  methods  for  ») 

* ) 
» ) 

»»**»«»»*«**»*»»»»»»•»»•»•) 


overlay  procedure 
label 

cancel , cont 
var 

ana , tans , ch 
f lagl , f lag2 
method 
expdam 
i , rn , ctr lno 
idx 

maximum 
benefit , 
u.y.t 


model ; 


char ; 
boolean ; 
string  C2]  ; 
array  Cl . .maxexp] 
integer ; 
string  C2]  ; 
string  CIO]  ; 

real ; 


of  real ; 


(»  weightedprobabi 1 i ty  computes  the  expected  cost  for 
each  exposure  of  the  exposure  file.  ») 

overlay  procedure  weightedprobabi 1 lty ; 
begin 

initindex ; 

openf ile<filel, dr +  cproblem  * ' . dxp' , sizeof  <  expsr  > ) ; 
open index  < index 1 ,dr  +  cproblem+' .ixp' , 

sizeof  <  expsr. index ) , 0 ) ; 

clearkey ( indexi )  ; 

f i 1 1 char ( expdam .sizeof (expdam) ,0) ; 
f i 1 1 char  < expsr , sizeof (expsr ) , 0 ) ; 
totaloss  : =  0 ; 
with  expsr  do 
repeat 

nextkey( indexi, rn.idx)  ; 

if  ok  then 

begin 

getrec(f ilel ,rn,expar) ; 

l  :=  strtoint ( index ) ; 

expdamCi]  :=  strtorea 1 ( damage )  * 

strtoreal (probability) ; 
totaloss  :=  totaloss  ♦  expdamCi]; 
end 

until  not  ok; 
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closef ile(filel) ; 
close index ( lndexl > 
end; 


(*  pertmethod  computes  the  expected  cost  for  each  exposure 
of  the  exposure  file,  using  the  P.E.R.T.  method 
overlay  procedure  pertmethod; 
begin 

f illchar ( expsr , sizeof (expar) ,0) ; 
initindex; 

openf ile(f i lei , dr +cproblem+ ' .dxp' , sizeof (expsr) ) ; 
open index ( indexl , dr ♦ cproblem+ ' . ixp' , 

sizeof (expsr . index ) , 0) ; 
f illchar ( expdam , sizeof ( expdam ) , 0  > ; 
clearkay ( indexl ) ; 
totaloss  :=  0; 
with  expsr  do 
repeat 

next key ( indexl , rn , idx) ; 

if  ok  then 

begin 

getrec(f ilel,rn, expsr) ; 
i  :=  strtoint ( index) ; 

expdam ti]  :=  (strtoreal (smallest)  ♦ 

4  »  strtoreal (mostlikely) 

♦  strtoreal ( largest ) )  /  6; 

totaloss  : *  totaloss  ♦  expdam Ci3 
end 

until  not  ok; 
closef lie (filel ) ; 
c lose index ( indexl ) 
end ; 


(*  rankingmethod  computes  the  expected  cost  for  each 
exposure  of  the  exposure  file,  using  the  Ranking 
method.  *> 

overlay  procedure  rankingmethod; 
begin 

initindex ; 

openf ile(filel, dr  +  cproblem  + ' . dxp ' , sizeof ( expsr ) ) ; 
openindex ( indexl , dr»cproblam+ ' .ixp' , 

sizeof (expsr. index) ,0) ; 

clearkey ( indexl ) ; 

f i 1 lchar ( expdam , sizeof (expdam) ,0) ; 
f i 1 lchar ( expsr , sizeof (expsr) ,0) ; 
totaloss  :=  0; 
y  :=  In ( 10 ) ; 


with  expsr  do 
repeat 

nextkey ( lndexl ,rn, idx) ; 

if  ok  then 

begin 

getrec(f ilel , rn, expsr ) ; 

u  :=  y  *  (strtoreal(rankP)  *  strtoreal < rankQ)  -  3) 
i  :=  atrtoint (index) ; 
expdamCi]  :=  exp(u)  /  4.0; 
totaioss  :=  totaloss  ♦  expdamCi] 
end 

until  not  ok; 
cloaef ile(f ilel ) ; 
cloaeindex ( indexl ) 
end ; 


(*  ef f ecti vecontrol  computes  the  effectiveness  for  each 
control  activity  in  the  control  file.  If  the  control 
is  an  effective  one  then  it  is  loaded  in  memory  for 
subsequent  computation.  *> 

overlay  procedure  eff ecti vecontrol ; 
begin 

initindex; 

openf  i  le  <  f  ilel ,  dr  ■‘■cproblem*  '  .  del '  ,  sizeof  (Ctrl  >  )  ; 

open index ( indexl , dr+cproblem+' . icl ' , sizeof (Ctrl . index )  ,  0 ) 

clearkey ( indexl ) ; 

fillchar (ctrlmatrix, sizeof (ctrlmatrix) ,0) ; 

f i 1 lchar (Ctrl , sizeof (Ctrl ) , 0) ; 

fillchar (comb, sizeof (comb) ,0) ; 

ctr lno  : *  0 ; 

totalcost  :=  0; 

with  Ctrl  do 

repeat 

nextkey ( indexl , rn , idx ) ; 

if  ok  then 

begin 

benefit  :=  0; 
getrec(f ilel, rn, Ctrl) ; 
for  i  : =  1  to  expno  do 

benefit  :=  benefit  ♦  strtoreal (effect C i 3 )  * 

expdam  [  i ]  ; 

if  benefit  >  strtoreal (cost)  then 
begin 

ctrlno  :=  ctrlno  *  1; 
ctrlmatrix Cctrlno]  :=  Ctrl; 

totalcost  :=  totalcost  *  strtorea 1 ( cost ) ; 
combCctrlno]  :=  index 
end 


message < 'CONTROL  '  +  copy (description, 1 , 

length (description) >  ♦'  IS  NOT  EFFECTIVE') 
delay (2000) ; 
cl ear message 
end 
end 

until  not  ok; 
closef ile(£ilel ) ; 
closeindex ( indexl ) ; 
end ; 


(»  controlsets  generate  all  the  possible  control  sets 
and  updates  the  problem  record  in  the  directory  of 
the  system.  It  has  the  ability  also  to  create  and 
delete  the  set  files.  •) 

overlay  procedure  controlsets ( maxcost  :  real); 
label 

cancel ; 
var 

i , 3 , k , 1 , maxcomb , p , rn  :  integer; 
coat , value, sef f , tby , 
f ilebytes, indexbytes  :  real; 

combination  :  array C 1 .. maxctrl ]  of  char; 

(»  binary  converts  a  decimal  number  to  its  binary 
representation.  Its  purpose  is  to  generate  the 
combinations  of  the  control  activities.  *) 

procedure  binaryCk  :  integer); 
var 

j  :  integer; 
begin 

for  j  : =  1  to  ctrlno  do 
begin 

if  k  mod  2<>0  then 
combination C j ]  :=  '1' 

else 

combination C j ]  :=  'O'; 

k  :=  k  div  2 
end  (of  for) 
end ; 

begin 

maxcomb  :=  round < exp ( In < 2 >  *  ctrlno))  -  1; 

<»  computed  the  size  in  bytes  of  the  set  file  »> 
filebytes  :=  <sizeof(st)  »  1.0)  *  maxcomb; 
indexbytes  :=  ( < (sizeof (st.Ck)  *  5>*  (order »3)  •  1.0>  * 

maxcomb ) /order ; 

<*  ask  the  available  bytes  of  the  specified  drive  •> 
spaceavai 1  able ( tby ) ; 


vv/. 


if  tby  <  <f ilebytes+indexbytes)  then 
begin 

message < 'THERE  IS  NOT  ENOUGH  SPACE  ON  DRIVE' *dr) 
£lag2  :=  true; 
goto  cancel 
end; 

textbackground(3) ; 
initindex; 

makefile (filel ,  dr+cproblem-*- '  . '  «■  method  '  dt '  , sizeof  (st) ) ; 
makeindex(indexl,dr+cproblem+'  .  '  +method+'  ic'  , 

sizeof (st .Ck) , 1)  ; 

P  :=  0; 
with  st  do 

for  i  ; =  1  to  maxcomb  do 
begin 

f illchar ( st , sizeof ( st ) , 0 ) ; 

fillchar(combination, sizeof (combination) ,0) ; 
binary ( i ) ; 
cost  :=  0.0; 

for  3  :=  1  to  ctrlno  do 

if  combination C 3 ]  =  '1'  then 

cost  :=  cost  ♦  strtoreal (ctr lmatr ix ( 3 3 . cost ) ; 
if  maxcost  >=  coat  then 
begin 

value  :=  0.0; 

for  3  : =  1  to  expno  do 

begin 

seff  : =  0.0; 

for  1  : *  1  to  ctrlno  do 
if  combination  Cl]  =  '1'  then 
seff  :=  seff  ♦  (1  -  seff)  * 

strtoreal (Ctrl matrix  1 1 3  . effect  C  3  3 ) ; 
value  :=  value  +  seff  »  expdam(33 
end;  (of  for  3} 


(*  Keep  only  the  effective  control  sets  *) 

if  value  >  cost  then 

begin 

1  :  =  0; 

for  3  : =  1  to  ctrlno  do 

if  combination C 3 3  c  '1'  then 
begin 

1  :=  1  «■  1; 

setcomb(13  :=  ctr lmatrix C 3 3 . index 
end ; 

P  :=  P  ♦  i; 

gotoxy ( 31 , 21 ) ;  write (' Number  of  Sets 

str ( value :l0:0,Vk) ; 

str < ( totaloss  -  value) : 10:0,Lk) : 

str ( cost : 10 ; 0 , Ck ) ; 

str ( (value  -  cost ) ; 10 : 0 , Nk ) ; 

str (( totaloss  -  value  ♦  cost ) : 10 : 0 , TCk > ; 


,  P :  4 ) 
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str( (value  /  cost ) : 5 : 4, BCR)  ; 

If  strtoreal (BCR)  <  10.0  then 
insert('  ',BCR,1); 
addrec(f ilel ,rn,st) ; 
addkey ( indexl ,rn,Ck) ; 
end 
end 

end;  (of  for  1) 

gotoxy ( 31 , 21 ) ;  write(conststr ( '  ',20)>; 

if  usedrecs(filel)  =  0  then 

begin 

closef i le ( f 1 lei ) ; 
closeindex ( indexl )  : 

assign ( f 1 , dr*cproblem+' . ' * method* ' dt ' ) ; 
eras*  ^  f 1 ) ; 

assign ( f 1 . dr*cproblem* ' * met hod* ' ic ' ) ; 
erase ( f 1 ) 
end 
else 
begin 

c 1 osef ile(filel) ; 
closeindex ( indexl ) ; 
if  totalcost  >  maxcost  then 
totalcost  :=  maxcost; 
case  method  of 
'w'  ;  begin 

wcombindex  :=  comb; 
problem . wcomb  :=  comb; 
wtotalcost  :=  totalcost; 
st r (totalcost: 10 : 0 , problem . wtot cost > ; 
adjuatstr (problem . wtotcost ) 
end  ; 

'p'  :  begin 

pcombindex  :=  comb; 
problem . pcomb  ;=  comb; 
ptotalcost  ;=  totalcost; 
str ( totalcost : 10 : 0 , problem . ptotcost ) ; 
ad justs tr  <  problem . ptotcost) 
end ; 

'r'  :  begin 

rcombindex  :=  comb; 
problem . rcomb  :=  comb; 
rtotalcost  :=  totalcost; 

3tr ( totalcost : 10 : 0 , problem . rtotcost ) ; 
adju3tstr(problem. rtotcost ) 
end 

end;  (of  case) 

openf ile(filel,dr*' problem . dta ' , sizeof <  problem ) ) 
open index ( indexl , dr  +  ' problem . idx ' , 

s izeof < problem . problemname ) ,0) 
findkey(indexl,rn, cproblem ) ; 
putrec (filel.rn, problem ) ; 


closef i le ( f i lei ) ; 
close index  < index 1 > 
end ; 

cancel:  textbackground <z) 
end ; 

BEGIN  (OF  MODEL) 
ans  :  =  '  '  ; 
flagl  false; 
while  ans  <>  '&'  do 
begin 

if  not  flagl  then 
begin 

modelmenu ; 

select (' SELECT  1,2, 3, 4, 5  or  6  : ' , C ' 1 ' . . ' 6 ' ] , ans ) 

clearf rame ; 
tans  : =  ans 
end ; 

if  ans  =  '5'  then 
begin 

flagl  :  =  true; 
ans  : =  ' 0'  ; 
tans  :=  '2' 
end ; 

ch  :=  #0; 
case  tans  of 

'1'  :  help  < ' 0' ) ; 

'2'  :  begin 

method  : =  ' w'  ; 

action < 'MODEL  /  WEIGHTED  METHOD'); 
end ; 

'3'  :  begin 

method  : =  'p' ; 

action ( 'MODEL  /  P.E.R.T.  METHOD'); 
end ; 

'4'  :  begin 

method  : =  ' r ' ; 

action< 'MODEL  /  RANKING  METHOD'); 
flagl  :=  false 
end ; 

'6'  :  goto  cancel 

end;  (of  case) 

if  tans  in  t'2'..'5')  then 
begin 

openf ile<filel,dr+cproblem*' . '+method+'dt' , 

sizeof ( st ) ) ; 

if  ok  then 
begin 

cl osef i le ( f i lei ) ; 

message( 'THERE  15  ALREADY  FILE  FOR  THAT  METHOD') 
select <' SELECT  D)elete,  R)un  or  any  key  to  cancel:' 

(#1 . .#126) , ch ) ; 


t 
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cl ear message; 
clearselect ; 
end ; 


if  ch 
begin 


in  I'D' 


'R' ,#03 


then 


if  ch  in  I'D','R']  then 
begin 

assign  <f 1 , dr+cproblem+ ' . ' + method ♦ '  dt ' 
erase (fl > ; 

assign (f 1 , dr+cproblem* ' . ' * method* ' ic' 
erase (f 1 ) 
end ; 


>  ; 
> ; 


if  ch  =  '  D'  then 
goto  cont; 
case  tans  of 

'2'  :  weightedprobability ; 

'3'  :  pertmethod; 

'4'  :  rankingmethod 


end ; 

ef f ect i vecontrol ; 

if  totalcost  <  1.0  then 

begin 

message < 'CANNOT  COMPUTE  SETS  WITHOUT  EFFECTIVE  ' 

'CONTROLS' ) 


wait ; 
goto  cont 
end ; 

if  ctrlno  *  1  then 
begin 

message < 'CANNOT  COMPUTE  SETS  WITH  ONLY  ONE  ' 

'EFFECTIVE  CONTROL') 

wait ; 
goto  cont 
end ; 

if  totaloss  >  totalcost  then 
t  :=  totalcost 
else 

t  :=  totaloss; 
gotoxy  <20 ,  8 ) ; 

write( 'Total  Damage  Due  To  Exposures 

total oss : 10 : O ' 

gotoxy  <  20 , 10 ) ; 

wr i te  < ' Cost  to  Implement  All  Controls 

total  cost  :  . 

gotoxy (13,14)  ; 

writeC'Give  The  Maximum  Amount  You  Wan*  To 

'Spend  On  Conti..-*' 

gotoxy < 29 , 1 5 ) ;  write( 'or  press  Enter  tot  A,, 
gotoxy  <  30 ,17);  wr l te (  ' M A X  I M UM  :  S'); 

str (t: 10:0, maximum) ; 
adjuststr(maximum)  ; 

inputstr<maximum,10,42,17, ('0' . . 1 ,  <r  h  » ; 
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clearf rame; 

message ( ' PLEASE  WAIT'); 
controlsets < strtoreal < maximum ) ) 
if  flag2  then 
begin 

flag2  :=  false; 
goto  cont 
end; 

cl ear message 
end 
end ; 

cont:  if  flagl  then 
begin 

tans  :=  chr ( ord ( tans ) ♦ 1 ) ; 
clearmessage 
end 

end;  (of  while) 
cancel : 


SENSANAL.DSS 
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This  is  the  sensitivity  analysis  part  of  the  system. 
It  consists  of  procedures  for  control  strategy 


selection,  graphics  and  report  printouts. 


* ) 
» ) 
*  > 
*) 
» ) 
» ) 
* ) 
* ) 


overlay  procedure  sensitivityanalysis; 
var 

a,b  :  plotarray; 

i , 3 , k,rn,ctrlno, 
maxNKrn , maxBCRrn  :  integer; 
maxNk , maxBCR , 

low, high, key  :  stringCIO]; 

idx  :  string  C2J  ; 

ana, method, tc  :  char; 


(*  inputlimits  prompts  the  user  to  give  the  desired  cost 

range  within  which  the  set  files  will  be  searched.  *) 

procedure  inputlimits; 
begin 

clearf rame ; 
case  method  of 

'W'  :  totalcost  ;=  wtotalcost; 

'P'  :  totalcost  :=  ptotalcost; 

'R'  :  totalcost  ;=  rtotalcost 

end ; 

cl ear key  ( index2 ) ; 
next key ( index2 ,rn,key> ; 
getrec ( f i le2 , rn , st ) ; 
ad 3 uststr < st . Nk ) ; 
adjuatatr ( st . TCk ) ; 

totaloss  :=  strtoreal (st.Nki  +  strtoreal C st . TCk ) ; 
gotoxy (19,7) ; 

write( 'Total  Damage  Due  To  Exposures  totaloss : 10 : 0 ) ; 
gotoxy (19,9) ; 

wr ite (' Maximum  Cost  in  the  Set  File  totalcost : 10 : 0 ) ; 

gotoxy (12,15); 

write( 'Give  the  Cost  Range  over  which  the  Search  will  be 

done : ' ) : 

gotoxy ( 29 , 17 ) ;  write( 'Low  Limit  :  S'); 
gotoxy ( 29 , 19 ) ;  write('High  Limit  :  S'); 
repeat 

f i 1 lchar ( low ,10,0) ; 

£ i 1 lchar (high, 10,0) ; 


textbackground < 14) ; 
textcolor <0> ; 

gotoxy <44, 17) ;  write (conststr < '  ',10)); 
gotoxy <44, 19) ;  write < conststr < '  ',10)); 

input3tr  < low, 10,44 , 17 ,  C ' 0 ' . . ' 9 ' ] , tc) ; 
inputstr <high, 10,44,19, t'0'..'9'],tc); 
if  strtoreal <high)  <=  strtoreal < low)  then 
begin 

message  < 'CHECK  YOUR  ENTRY.  ••HIGH"  MUST  BE  GREATER  ' 

'THAN  "LOW') 

wai  t ; 

clear message 
end 

until  strtoreal <high )  >  strtoreal < low ) ; 
while  length<low)  <  10  do 
inaertt '  ',low,l); 

while  length<high)  <  10  do 
insert!'  ',high,l); 


<*  use  opens  the  files  most  commonly  used  in  the 
sensitivity  analysis  process.  ») 

procedure  use<cproblem  :  str8;  method  :  char); 
begin 

initindex ; 

openf i le  <  f i lei , dr  •‘■cproblem* '  . del ' , sizeof (ctr 1 ) > ; 
open  index  <  index  1 ,  dr  +  cproblem-* '  .  icl '  ,  sizeof  (ctr  1 .  index  )  ,  0  ) 
openf i le ( f i le2, dr ♦cproblemt ' . ' ♦method* ' dt ' , sizeof ( at ) ) ; 
open index ( index2,dr*cproblem* ' . ' ♦ method * ' ic' , 

sizeof (at. Ck ) , 1 ) 

end ; 


<*  closefiles  closes  files  opened  with  the  use  procedure  *) 

procedure  closefiles; 

begin 

closef i le ( f i lei ) ; 
close index  < indexl ) ; 
closef i le ( f i le2 ) ; 
closeindex < i ndex2 ) ; 
end ; 

overlay  procedure  contro 1  strategy ; 
label 

cancel ; 
var 

tloss  :  real ; 
title  :  3tring[60); 

begin 

ans  : =  '  '  ; 

wh ile  ans  <>  '4' 

begin 


do 


control strategy menu ; 

select < 'SELECT  1,2,3  or  4  :  ' , C ' 1 ' . . ' 4 ' ] , ans> ; 
if  ans  =  '1'  then 
help('B') 
else 

while  ana  <>  '4'  do 
begin 

clearframe; 

select <' SELECT  W)eighted,  PJ.e.r.t,  R)anking 

or  Q)uit:', t'W','P','Q','R'] .method) 

clearselect ; 

if  method  =  'Q'  then  goto  cancel; 

openf ile(filel,dr+cproblem+' . ' + method + ' dt ' , 

sizeof (st ) ) ; 

if  not  ok  then 
begin 

clearframe ; 

message < ' YOU  MUST  RUN  THE  MODEL  FIRST'); 
wait; 

goto  cancel 
end ; 

f i 1 1 char (maxNk ,10,0); 
f i 1 lchar  <  maxBCR, 10,0) ; 
case  method  of 

'W'  :  title  :=  'WEIGHTED  METHOD:  '; 

'P'  :  title  :=  'P.E.R.T.  METHOD:  '; 

'R'  :  title  :=  'RANKING  METHOD:  '; 

end;  (of  case) 
closef ile(f ilel) ; 
use ( cproblera , method ) ; 
inputlimits; 
key  :=  low; 

searchkey ( index2 , rn , key ) ; 
if  ok  and  (key  <=  high)  then 
with  st  do 

begin 
repeat 

getrec (f i le2 , rn , st ) ; 
ad 3  uststr <  Nk ) ; 
ad] uststr < BCR ) ; 

if  strtorea 1 < Nk )  >  strtorea 1 < maxNk )  then 
begin 

maxNk  :=  Nk; 

maxNkrn  : =  rn 


if  strtoreal <BCR>  >  strtoreal (maxBCR)  th 
begin 

■axBCR  :=  BCR; 
maxBCRrn  :=  rn 
end; 

nextkey  < index2 , rn , key  ) 
until  not  ok  or  (key  >  high); 
if  ana  *  '2'  then 
begin 

title  :=  title  ♦  ' THE  MOST  EFFECTIVE  SET'; 
rn  : =  maxNkrn 
end ; 

if  ana  =  '3'  then 
begin 

title  :=  title  ♦  'THE  MOST  COST  EFFECTIVE  SET 
rn  : *  maxBCRrn 
end ; 

clearf rame ; 

f i llchar ( at , aizeof ( at ) , 0 ) ; 
gotoxy < 10, 6) ;  wr i te < ti t le ) ; 
getrec(f ile2,rn,st) ; 

3  :=  7; 

for  i  : =  1  to  maxctrl  do 
if  aetcombti]  <>  "  then 
begin 

j  :=  3  +  l; 

f indkey ( index 1 , rn ,aetcomb  Ci] ) ; 
getrec ( f ilel , rn , Ctrl ) ; 

gotoxy  < 10, j ) ;  write( 'CONTROL  ',idx,':  ', 

Ctrl .description) 

end ; 

if  j+8  >  21  then 
begin 
wait; 

clearf rame ; 

3  7 

end  ; 

gotoxy<  3, j+2) ;write( 'Value  of  Control  Set  :',Vk 
gotoxy < 43 , j *2 ); write (' Cost  of  Control  Set  : ' , Ck 
gotoxy<  3, j *3) ; write (' Total  Expected  Benefit:',Nk 
gotoxy ( 43 , j +3) ; write (' Total  Expected  Cost  :',TCk 
gotoxy < 25 , j *5 ); write (' Benef i t  Cost  Ratio  : ' , BCR 
gotoxy  <12,j+7) ; 

write( 'Prior  Expected  Damage  Due  to  Exposures:', 

totaloss : 8 : 0) 


strtoreal (Vk> 


adjuststr <Vk> ; 
tloas  : =  totaloas 
goto xy ( 12, j +8) ; 
write('Post  Expected  Damage  Due  to  Exposures:', 

tloas : 8 : 0 ) 

wait ; 

closef lies 
end  (of  if/with) 
else 
begin 

message ('THERE  IS  NO  ANY  SET  WITHIN  THAT  RANGE') 
wait 
end 

end;  (of  while) 
cancel : 

end  (of  while) 
end; 
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overlay  procedure  graphics; 
label 
cancel ; 
var 

ans  :  char; 

title  :  string[16]; 

currentaction  :  string C40]  ; 

Ylmin , Ylmax , 

Y2min , Y2max , 
tempi , temp2 , 
prevCk, prevBCR, 
prevTCK  :  real; 

bestsetl , 

bestset2,i  :  integer; 

flagl,flag2  Iboolean; 

(*  computegraph  computes  the  values  of  the  plotarrays 
which  will  be  used  by  the  makegraph  procedure  to 
draw  the  graphs.  *) 

overlay  procedure  computegraph; 
var 

ti  :  integer; 
begin 

if  flag2  then 
ti  :=  MaxPlotGlb 
else 

ti  :=  24; 

use (cproblem , method ) ; 
inputl imi ts ; 

message ( ' PLEASE  WAIT  FOR  THE  PREPARATION  OF  THE  GRAPH'); 
i  .'  =  0 ; 
key  :=  low; 

searchkey ( i ndex2 , rn , key ) ; 

Ylmin  :=  9.99E+20; 

Ylmax  : =  0.0; 

Y2min  :=  9.99E+20; 

Y2max  :=  0.0; 

if  ok  and  (key  <=  high)  then 
with  at  do 
begin 
repeat 

if  i  <  ti  then 
begin 

getrec (file2,rn,st); 

adjuatatr (key) ; 

adg uatstr < BCR ) ; 

ad j uststr ( TCk ) ; 

tempi  :=  strtorea 1 ( BCR ) ; 

temp2  :=  strtoreal (TCk) ; 
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ati,l]  then 


if  strtoreal (key )  = 
begin 

if  tempi  >  aCi,2]  then 
ati,2]  :=  tempi; 
if  temp2  <  bCi,2]  then 
bCi,2]  :=  temp2 

end 

else 

begin 

i  :=  i  +  1; 

aCi,13  :=  strtoreal (key > ; 
b£i,13  :=  strtoreal (key) ; 

a£i,23  :=  tempi; 

b£i,23  :=  temp2 

end ; 

if  Ylmax  <  tempi  then 

begin 

Ylmax  :=  tempi; 
bestsetl  : =  rn 
end; 

if  Ylmin  >  tempi  then 

Ylmin  :=  tempi; 
if  Y2min  >  temp2  then 

begin 

Y2min  :=  temp2; 
bestset2  :=  rn 
end ; 

if  Y2max  <  temp2  then 
Y2max  : *  temp2 

end ; 

nextkey ( index2, rn, key) 
until  not  ok  or  (i  =  ti)  or  (key  >  high); 
if  (i  =  ti)  and  (key  <  high)  and  ok  then 
begin 

high  :=  key; 

message (' Cannot  Graph  All  Sets.  Cost  Range  Has  Been' 

'  Adjusted' ) 

wait 

end 

end  (of  if/with) 

else 

begin 

message ( 'THERE  IS  NO  ANY  SET  WITHIN  THAT  RANGE') 

flagl  ;=  true; 

wait; 

clearf rame 
end 


overlay  procedure  makegraph; 
var 

2  :  Integer; 

step  :  real; 
numtext  :  string  171; 
begin 

If  i  <  2  then 

message < 'CANNOT  WAKE  GRAPH  WITH  LESS  THAN  2  SETS') 

else 

begin 

initgraphic; 
setbreakof f ; 
setmesaageof f ; 
setlinestyle(O) ; 
setf oregroundcolor <0) ; 

(*  draw  the  first  graph  (upper  left  side)  *) 

def i new indow< 1,0,0, trunc(Xmaxglb/l .5) , trunc(Ymaxglb/2) ) ; 

def ineheaderd, 'BENEFIT  COST  RATIO  VS  COST  FOR  '+title); 

if  flag2  then 

begin 

def ineworld  < l,aCl,13/1.02,Ylmin/l.l,aCi,l]»1.02, 

Ylmax» 1 . 1 ) ; 

selectwindow ( 1 ) ; 
selectwor Id  < 1 ) ; 
setheaderon ; 
setbackground(O) ; 
drawborder ; 

drawaxls(9,9,0,0,0,0,0,0,false) ; 
drawpolygon (a, 1,1,4, 1,0) 
end 
else 
begin 

def ineworld (1 , a  C 1 , 1 ] ,Ylmin/l.l,aCi,l] , Ylmax»l . 2) ; 

selectwindow  <1 ) ; 

selectworld  <1 ) ; 

setheaderon ; 

setbackground <0) ; 

drawborder ; 

drawhiatogram (a, i, true, 4); 

drawtextWCa Cl , 1] , Ylmax*0.07  +  Ylmin/1.1,1, 

'Costs  below  are  in  Thousands  of  Dollars  (rounded)'); 

f i 1 1 char (numtext , sizeof (numtext) ,0) ; 

step  :=  (aCi.l] -aCl,l] )  /  i; 

for  j  : =  1  to  i  do 

begin 

str(round(atj,l] / 1000 ) : 7 , numtext ) ; 
ad j uststr ( numtext ) ; 

drawtextW ( a  C 1 , 1 J ♦step* ( j -1 ) , Ylmax*0 . 18  +  Ylmin/l.l,l, 

'  '♦  copy ( numtext , 1 , length ( numtext )) ) 

end 
end ; 
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<»  draw  the  second  graph  at  the  lower  left  side 
of  the  screen.  ») 

def inewindow(2, trunc (Xmaxglb/3) , trunc ( Ymaxglb/2 ) , 

Xmaxglb, Ymaxglb ) ; 

def ineheader <2,  ' TOTAL  EXPECTED  COST  VS  COST  OF  CONTROL', 

'  /  '♦  title); 

if  flag2  then 
begin 

flag2  : =  false; 

def ineworld (2, b  Cl , 13 /1 .  02, Y2min/1 . 02,bCi,13«1.02, 

Y2max*l .02) ; 

selectwindow (2) ; 
selectworld (2) ; 
setheaderon ; 
setbackground(O) ; 
drawborder ; 

drawaxi s  <9, 9, 0,0, 0,0, 0,0, false); 
drawpolygon (b, 1,1,4, 1,0) 
end 
else 
begin 

def ineworld  <2, bCl,l] , Y2min/1 . 1 , b  Ci , 1] , Y2max*l . 2) ; 

selectwindow ( 2 ) ; 

selectworld (2) ; 

setheaderon; 

setbackground (0) ; 

drawborder ; 

drawhistogram (b, i , true, 4) ; 

drawtextW (b Cl , 13 , Y2max*0. 07  +  Y2min/1 . 1 , 1 , 

'Costs  below  are  in  Thousands  of  Dollars  (rounded)'); 

fillchar<numtext,sizeof (numtext) ,0) ; 

step  :=  (b  Ci,  1] -b  Cl,  13  )  /  i; 

for  j  : =  1  to  i  do 

begin 

str ( round  <  b  C  j , 1 3 / 1000 ) : 7 , numtext ) ; 
adjuststr < numtext ) ; 

drawtextW <b Cl , 13  +step*  <  j -1 ) , Y2max»0 . 18*Y2min/ 1 .1,1, 

'  '+  copy (numtext , 1 , length (numtext) ) ) 

end 

end; 

gotoxy ( 55, 1 ) ;  write (' GRAPHS  OVER  THE  RANGE;'); 
gotoxy(59,2) ;  write('Low  ; ' +  low); 
gotoxy(59,3)  ;  wri  te  ( '  High  :  '  «■  high); 
gotoxy<55,4) ;  wri te (' Number  of  Sets  :',i:3); 
getrec(f i le2 , best set 1 ,st) ; 
adjuststr (st . BCR) ; 
adjuststr (st .Ck) ; 

gotoxy (60,8) ;  write('<<==  THE  BEST  SET  '); 
gotoxy(59,9) ;  write('BCR  •  ',st.BCR); 

gotoxy  ( 59 , 10 )  ;  write(  'Cost  of  s*=t.  .  ',st.Ck); 
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getrec(file2,bestset2,st) ; 
adjuststr <at .TCk> ; 
adjuststr(st.Ck)  ; 

gotoxy <5, 18) ;  write('THE  BEST  SET  ==>>'); 

gotoxy ( 1 , 20) ;  write  <  'Expected  cost:  ',st.TCk); 

gotoxy  <  1 , 21 )  ;  write  (■'Coat  of  set:  ',st.Ck); 

gotoxy ( 1 , 24)  ;  writeC 'press  any  key  ...'); 

setf oregroundcolor (2)  ; 

read ( kbd, ans ) ; 

leavegraphic ; 

textmode; 

textcolor (x) ; 

makef rame; 

problemf ield(cproblem)  ; 
action < currentaction ) ; 
putdate 
end ; 

closef ilea; 
d; 


(  of  graphics) 


gin 

ans  : =  '  ' ; 
flagl  : =  false; 
flag2  : =  false; 


while  ans  <>  '4'  do 
begin 

graphicsmenu; 

select ( ' SELECT  1,2,3  or  4  :  '  ,  C ' 1 ' . . ' 4 ' 3 , ans) ; 
if  ans  =  '1'  then 
help ( ' G ' ) ; 


while  (ans  <>  '1')  and  (ans  <>  '4')  do 
begin 

select (' SELECT  W)eighted,  P).e.r.t,  R)anking 
or  Q) uit :  ', C'W','P','Q','R'], method) 

if  method  =  'Q'  then  goto  cancel; 
openf ile ( f ilel , dr+cproblem+ ' . ' ♦ method* ' dt ' , 

sizeof (st ) ) 


if  not  ok  then 
begin 

clearf rame; 

message ('YOU  MUST  RUN  THE  MODEL  FIRST'); 
wait ; 

goto  cancel 


if  ok  then 
begin 

if  usedrecs ( f ilel )  <  2 
begin 

clearf rane; 
message ( ' CANNOT  HAKE 

closef ile < f i lei ) ; 
wait; 

closef ile (file 1 > ; 
goto  cancel 
end ; 

closef ile(filel) ; 

case  method  of 

'W'  :  title  :=  ' WEIGHTED  METHOD  '; 

'P'  ;  title  :=  'P.E.R.T.  METHOD  '; 

' R'  :  title  :=  'RANKING  METHOD  '; 

end  (of  case) 

end;  (of  if  ok) 

case  ans  of 
'2'  :  begin 

currentaction  Is  'GRAPHICS  /  CURVE'; 
action(currentaction) ; 
f lag2  ;=  true; 
computegraph; 
if  not  flagl  then 
makegraph; 
flagl  :=  false; 
ans  : =  '2' 
end ; 

'3'  :  begin 

currentaction  'GRAPHICS  /  HISTOGRAM  ; 

action  <  currentaction ) ; 
computegraph; 
if  not  flagl  then 
makegraph ; 
flagl  :=  false; 
ans  : =  '3' 
end 

end  (of  case) 

end;  (of  while) 
cancel : 

end  (of  while) 
end ; 


then 

GRAPH  WITH 


LESS  THAN  2 
SETS' )  ; 
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overlay  procedure  printfiles; 
var 

ans  :  char; 

overlay  procedure  controlef fectable; 
var 

header  :  string C803 ; 
idx  :  string  C23 ; 
i  :  integer; 

begin 

action < ' PRINTER  /  CONTROL  TABLE'); 

£illchar(ce, sizeof (ce) ,0) ; 

f illchar (header , sizeof (header) ,0) ; 

writeln  < 1st, #12, ' D  ECISION  SUPPORT 

'SYSTEM' :62) ; 

writeln < 1st, conststr ( '-',47); 63); 
writeln  < 1st ) ; 

writelndst, 'COST  EFFECTIVENESS  ANALYSIS' :54)  ; 
writeln  < 1st , ' FOR' ; 41 ) ; 

writelndst, 'CONTROL  &  SECURITY  OF  COMPUTER  ', 

'SYSTEMS' :62) ; 

writeln (1st ) ; 
writeln ( 1st) ; 

writelndst, 'CONTROL  ACTIVITIES  FOR  WORK  ' -cproblem ) 

openf ile<  f i lei , dr+cproblem* ' . del ' , sizeof ( Ctrl ) ) ; 

◦pen index  < index 1 , dr *cproblem+ ' . icl ' , 

sizeof (Ctrl . index) ,0) ; 
ctrlno  :=  usedrecs(f ilel ) ; 
clearkey ( indexl )  ; 
header  :=  'EXPOSURE  ! 
i  :  =  0; 
repeat 

nextkey ( indexl , rn , idx) ; 

if  ok  then 

begin 

i  :  =  i  ♦  1 ; 

getrec( filel , rn,ctrl) ; 

writeln ( 1st , Ctrl . index , '  ' ,ctrl .description) ; 

ceCi]  :=  Ctrl. effect; 
ccCi]  :=  Ctrl. cost; 

header  :=  header  +  Ctrl. index  +'  ! 

end 

until  not  ok; 
closef lie ( f i lei ) ; 
closeindex ( indexl ) ; 
writeln ( 1st ) ; 
writeln( 1st)  ; 

wr iteln ( 1st EXPOSURES  FOR  WORK  '+cproblem); 


openf  i  le  (  f  i  lei ,  dr+cproblem-*- '  .  dxp'  ,  sizeof  (expar)  )  ; 
open index ( indexl , dr +cproblem+ ' . ixp' , 

aizeof (expar. index) ,0) ; 

clearkey (indexl) ; 
repeat 

nextkey ( indexl ,rn, idx ) ; 

if  ok  then 

begin 

getrec(f ilel ,rn,expsr) ; 

writeln ( 1st, expar . index, '  ' , expar . description) 

end 

until  not  ok; 
closefile(filel) ; 
cloaeindex ( indexl ) ; 
writeln ( 1st) ; 
writeln (1st) ; 
writelndst ) ; 

writeln ( lat .conststr ( ' = ' ,80) ) ; 

writelndst, 'EFFECTIVENESS  OF  CONTROL  a(i)  ON  EXPOSURE  ', 

' e ( i ) ' : 70 ) ; 

writeln (1st , header ) ; 

writeln ( 1st , const str ('-',80)); 

for  i  : =  1  to  expno  do 

begin 

writedst,  i  :6,  '  !'); 

for  2  i *  1  to  ctrlno  do 
writedst ,  ce  tj  ,  i]  :6, '  '); 
writeln (1st ) ; 
end ; 

writeln ( 1st) ; 
writedst, 'COST  a(i)!'); 
for  i  : =  1  to  ctrlno  do 

wr i te ( 1st , strtoreal (ccCi3):6:0,'  '); 

writeln ( 1st ) ; 

writeln ( 1st , conststr ( ' = ' , 80) ) 
end ; 


overlay  procedure  exposuretable ; 
begin 

action( 'PRINTER  /  EXPOSURE  TABLE'); 

writelndst, #12, 'DECISION  SUPPORT  SYSTEM' :53); 
writeln (1st , conststr ( ' - ' , 47 ) : 63  > ; 
writeln( 1st) ; 

writelndst, 'COST  EFFECTIVENESS  ANALYSIS':54)  ; 
writelndst,  'FOR'  :41)  ; 

writeln(  1st, 'CONTROL  S.  SECURITY  OF  COMPUTER 

SYSTEMS. ' :62) ; 

writeln ( 1st ) ; 
writeln( 1st) ; 
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writelnClst, 'EXPECTED  LOSSES  CAUSED  BY  EXPOSURES  FOR  WORK 

♦  '  ' ♦cproblem : 66 ) 

i  :  *  9; 
writeln  < 1st ) ; 
writeln < 1st) ; 
writeln ( let) ; 

openf ile(f ilel , dr ♦cproblem* ' . dxp' , sizeof (exper ) ) ; 
open  index  (  indexl ,  dr +cproblem«-  '  .  ixp'  , 

sizeof (expar . index) ,0) ; 
writeln < 1st , ' THE  WEIGHTED  METHOD' : 48) ; 
writeln  < 1st , conststr  C ' * ' ,80) ) ; 

writelnClst, 'POTENTIAL  ERRORS' : 37, ' AMOUNT  0F':28, 

'PROB/TY  OF' : 15) 

writelnClst,  'DAMAGE'  *.  64 ,' OCCURENCE'  :15)  ; 
writeln  C 1st , conststr  C ' - ' , 80 ) ) ; 
clearkey C indexl ) ; 

3  :=  17; 

with  expar  do 

repeat 

nextkey C indexl , rn, idx ) ; 
if  ok  then 
begin 

3  :=  3  ♦  l; 

getrecCf ilel , rn, expsr ) ; 
k  ; =  50  -  lengthCdescription) ; 

writeln C 1st , index, '  ', description , conststr C '  ',k> 

damage: 11 , probabi 1 i ty : 12) 

end 

until  not  ok; 

writeln C 1st , conststr C ' = ' ,80) ) ; 
i  :■  3  -  i  ♦  2; 
if  j  +  i  >  56  then 
writeC 1st, #12) ; 
writeln  C 1st) ; 
writeln  C 1st ) ; 
writeln  C 1st) ; 

writelnClst, 'THE  P.E.R.T  METH0D':48); 
writeln  Cist,  conststr  80 )  >  ; 

writelnClst, 'POTENTIAL  ERRORS ': 37 ,' AMOUNT  OF  DAMAGE' :37) 
writelnClst, 'smallest' : 61 , ' m . likely' :10,' largest' : 9) ; 
writeln  C 1st , conststr  C ' - ' , 80) > ; 
clearkey  C indexl ) ; 


with  expsr  do 
repeat 

nextkey < indexl , rn , idx) ; 

if  ok  then 

begin 

getrec(f ilel,rn, expsr) ; 
k  : =  50  -  length(description) ; 

writeln < 1st , index , '  ', description , conatatr ( '  ',k) 

smallest : 8, most likely : 10, largest : 9) 

end 

until  not  ok; 

wr iteln  < 1st, conststr ( '  =  ' , 80 ) > ; 
writeln ( 1st) ; 
writeln  < 1st  > ; 
writeln< 1st) ; 

writeln < 1st , ' THE  RANKING  METHOD' :48>; 
writeln  < 1st , conststr < ' = ' , 80) ) ; 
writeln(lst, 'POTENTIAL  ERRORS' :37, 

'ESTIMATION  OF  PROBABILITY ': 42 ) 
writelndst,  'OF  OCCURENCE  AND  DAMAGE' :78); 
writeln ( 1st ,' Rank  P':65,'Rank  Q':ll); 
writeln  < 1st , conststr  < ' - ' , 80 ) ) ; 
clearkey ( indexl ) ; 
with  expsr  do 
repeat 

nextkey  < indexl ,rn,idx); 

if  ok  then 

begin 

getrec  <f i lei , rn , expsr) ; 
k  : =  50  -  length(description) ; 

writeln < 1st, index, '  ', descript ion , conststr ( '  ',k> 

rankP: 11 , rankQ : 11 ) 

end 

until  not  ok; 

writeln  < 1st , conststr  < '  =  ' , 80) ) ; 
closef ile(f ilel ) ; 
close index ( indexl ) 


overlay  procedure  pr intsetf i le ; 
label 

cancel ; 
var 

method  :  char; 

i#D*k*rn  :  integer; 

athd  :  string C171; 

header  :  string [803; 

begin 

action( 'PRINTER  /  SET  FILE'); 
fillchar(mthd,sizeof (mthd) ,0) ; 
fillchar (header, sizeof (header) ,0) ; 
f i 11 char (comb, sizeof (comb) ,0) ; 

select (' SELECT  W)eighted,  P).e.r.t  or  R)anking  : 

t'W','P','R'] , method) ; 

case  method  of 
'W'  ;  begin 

athd  :=  'WEIGHTED  METHOD:  '; 
comb  :  =  wcombindex 
end ; 

'P'  :  begin 

athd  :=  'P.E.R.T.  METHOD:  '; 
comb  :=  pcombindex 
end ; 

'R'  :  begin 

athd  :=  'RANKING  METHOD:  '; 
comb  :=  rcombindex 
end 

end;  (of  case) 

openf ile(filel, dr»cproblem+' . ' ♦ method* ' dt ' , axzeof ( at ) ) ; 

if  not  ok  then 

begin 

message ( 'THERE  IS  NO  FILE  FOR  THE  '-mthd); 
goto  cancel 
end 
else 

cloaef i le ( f i lei ) ; 
write( 1st, #12) ; 
writeln ( 1st ) ; 
wri teln ( 1st ) ; 

writeln ( 1st , ' D  ECISI0N  SUPPORT 

S  Y  S  T  E  M ' : 62 ) ; 
writeln ( l3t , constatr ('-',47): 63); 
writeln ( 1st) ; 

writelndst, 'COST  EFFECTIVENESS  ANALYSIS ': 54 > ; 
wri teln (1st, 'FOR' :41)  ; 

writeln( 1st , 'CONTROL  &  SECURITY  OF  COMPUTER 

SYSTEMS. ' :62) : 

writeln ( 1st ) : 
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writeln  < 1st > ; 

writeln  < 1st , rathd* ' CONTROL  SETS  FOR  WORK  ' ♦cproblem : 62 ) ; 
writeln  < 1st) ; 
writelnC 1st) ; 

writelndst,  'CONTROL  ACTIVITIES  USED  BY  THE  CONTROL 

SETS: ' ) ; 

openf ile(filel,dr+cproblem+'  .del'  , sizeof  (Ctrl)  )  ; 

open index ( index 1 , dr ♦cproblem+ ' . icl ' , sizeof  < Ctrl . index ) , O ) ; 

clearkey ( indexl ) ; 

3  :*  14; 

for  i  : =  1  to  maxctrl  do 
if  combCi]  <>  "  then 
begin 

f indkey ( indexl , rn , comb  C i3  )  ; 

if  ok  then 

begin 

getrec  <f ilel , rn , Ctrl ) ; 

writeln  < 1st , Ctrl . index ,  '  :  ' , Ctrl . description  > ; 

3  3  -  1 

end 

end;  (of  for/if) 
closef ile(filel) ; 
closeindex ( indexl ) ; 
writeln  < 1st) ; 
writeln  < 1st) ; 

header  :=  '  CONTROL  ACTIVITIES 

'  VALUE  COST  EXP. COST  BCR'; 

writeln ( 1st , header ) ; 
wri teln  < 1st „ conststr < ' - ' , 80) ) ; 

openf lle(filel , dr + cproblem+ ' . ' + method + ' dt ' , sizeof ( st ) ) ; 
open index  < indexl , dr  +  cproblem+ ' . ' ♦ method* 'ic' , 

sizeof ( st . Ck ),1) ; 

clearkey ( indexl ) ; 

3  :=  3  +  4; 

k  :=  1; 
with  st  do 
repeat 

nextkey  < indexl ,rn,idx); 

if  ok  then 

begin 

3  :=  3  -  is 

if  3  >  56  then 

begin 

3  :=  5; 

k  :=  k  *  1; 
write  < 1st , #12 ) ; 

write(l3t,mthd+'C0NTR0L  SETS  FOR  WORK 

cproblem :50) ; 

write < 1st page  ':24,k:2); 
wri teln  < 1st ) ; 


f i 11 char (key , sizeof (key) ,  0) ; 
f il lchar  < idx, sizeof (idx) ,0) ; 
ans  :  -  '  ' ; 

while  ans  <>  '5'  do 


begin 

sensanalymenu ; 

select (' SELECT  1,2, 3, 4 


case  ans  of 

'1'  :  help ( ' S' > ; 

'2'  :  controlstrategy; 

'3'  :  graphics; 

'4'  ;  printfiles; 

end  (of  case) 


procedure  help<ch  :  char); 

( SI  - ) 
var 

fl  :  text; 
line  :  string [80] ; 
i , 3  :  integer ; 

begin 

assign ( f  1 ,  ' HELP ' +  ch  + ' .TXT') 
reset (f 1 ) ; 

if  IOresult  =  0  then 
begin 

clrscr ; 
i  :  =  0; 

while  not  eof(fl)  do 
begin 

read In (f 1 , line) ; 
writeln  < line) ; 
i  :  =  i  +  1 ; 
if  i  =  22  then 
begin 
wai  t ; 
i  :  =  0; 
clrscr 
end ; 

if  eof  <  f 1 )  then 
wait 
end ; 
clrscr ; 
makef  rame ; 
putdate ; 

problemf ield (cproblem ) 
end 
end ; 
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